# This is bloody rediculous



## SynjoDeonecros (Jun 8, 2006)

Since, for some odd reason, I'm not able to set up a rant in the Rant and Rave board, or discuss this on the update board (both tell me that I'm not authorized to post on them), I guess I'll have to bring my complaints here, then.

I'm getting rather sick of all the down time, lags, and such plaguing the site, recently. At first, I was under the slightly understanding impression that it was a normal problem due to the heaps of y!gallery exiles storming in for sanctuary, but now I'm not so sure. I remember back before this site's death and rebirth, that it was plagued with about the same kind of problems it's having, now. And a year or so after it got shut down and revived, it's still having them. I had decided to wait to post any of my stuff on here until I was sure that this site had indeed improved, but so far, I'm not seeing it. What's going on, and what are the mods doing to fix it?


----------



## Dragoneer (Jun 8, 2006)

SynjoDeonecros said:
			
		

> What's going on, and what are the mods doing to fix it?


Right now the site is locked because Arcturus is making every attempt he can to fuck over the site and use exploits to bring it down. You can thank him personally for the site's downtime.

We're working on closing the fixes. He'd rather exploit the site and let users like yourself be screwed over so he can take down the site. The downtimes in the past two months have, in fact, been very minimal and we've improved things tenfold to how they were in the past, and we will be continuing those improvements now and into the future. FA is not going anywhere.

New coders are being brought on to help improve the site, stability and speed.


----------



## Dragoneer (Jun 8, 2006)

I also fixed the issue with Rants and Raves. That was my fault.


----------



## Magica (Jun 8, 2006)

Is it possible to report this person to his ISP at all, or would it be too complicated to do?


----------



## Tensik (Jun 8, 2006)

Is he hitting the forum too?  I'm noticing some massive lag spikes here.


----------



## Myr (Jun 8, 2006)

Hiya,

Our record in the past 2 months has featured none of this sort of extensive downtime like we're experiencing tonight. We've had a great past 2 months of speed and full features in operation nearly 24/7. Tonight, however, thanks to Arcturus and his constant efforts at trying to bring FA down and his blind hatred of Alkora/Jheryn, we are again taking all precautions possible to prohibit a break in to the system.

Honestly, the earlier site lock down was due to Arcturus and Dragoneer and Uncia were all over that one. I got information that Arc was working on a second exploit on the system and shut the site down again about two hours ago or so. I'd rather shut this place down for a while and let the coders do their thing than risk a potential break in and loss of data. It seems some people just can't move on with their lives and do something productive.

What I can say is that I am personally in the chat with Dragoneer, Alkora, nrr, and Crypto while they sort this situation out and get the site back up and operating safely. We can go live right this moment, but I'd rather sit back in a protected state just incase and let the coders do their thing within a reasonable amount of time. We are just about ready to release the lockdown, pending some final tests. We thought we thwarted Arc the first time, he found something else, and now we're going the extra mile. Believe me when I say this is a very very productive bit of downtime.

I don't like the downtime either. I'd rather be fav'ing, watching, and commenting on stuff. Not sitting here in a chat while I wait for someone to give me the all clear to free the site up again. Alkora, Crypto, nrr, and Dragoneer are making progress.

- Myr


----------



## Dragoneer (Jun 8, 2006)

DragonMagica said:
			
		

> Is it possible to report this person to his ISP at all, or would it be too complicated to do?


We've done it before several times. He's in Europe, and the ISP doesn't seem to care. Arcturus has a grudge against FA. It's good that we find these exploits and close them, but he's made a game of trying to hurt the site... and we're making a job of improving it.

Some downtime will occur, but we're trying to keep it limited.


----------



## Tensik (Jun 8, 2006)

*RE:   This is bloody rediculous*



			
				Dragoneer said:
			
		

> DragonMagica said:
> 
> 
> 
> ...



a known enemy can be your best friend.  he might think he's hurting you but all he's doing is forcing the site to get better, lol.


----------



## SynjoDeonecros (Jun 8, 2006)

Dragoneer said:
			
		

> DragonMagica said:
> 
> 
> 
> ...



Is he the guy who left FA right before it went down the first time, or am I thinking of another guy? Also, I can see how the unbridled hatred of one person can fuck over a community site; one of the Yu-Gi-Oh! forums that I was a member of was bombarded by some dickhead who had an ancient mad-on against one of the mods on there from even before the guy became a mod, and it eventually cumulated in the dickweed flooding the forums with nasty pictures and inappropriate text, before hacking into the site and pretty much deleting it all. People like that makes me want to kill, and not in the good way. As if there's a good way to want to kill (there isn't, trust me).


----------



## Arshes Nei (Jun 8, 2006)

Tensik said:
			
		

> a known enemy can be your best friend.  he might think he's hurting you but all he's doing is forcing the site to get better, lol.



Ummm he's always felt he was doing that, call it a "hero" complex or whatever.

I'm not apologizing for him either, quite frankly I got tired of it long ago. I'm just saying in his mind he's obsessed with the site where he feels his behavior is doing FA a favor either way.


----------



## Dragoneer (Jun 8, 2006)

SynjoDeonecros said:
			
		

> Is he the guy who left FA right before it went down the first time, or am I thinking of another guy? Also, I can see how the unbridled hatred of one person can fuck over a community site; one of the Yu-Gi-Oh! forums that I was a member of was bombarded by some dickhead who had an ancient mad-on against one of the mods on there from even before the guy became a mod, and it eventually cumulated in the dickweed flooding the forums with nasty pictures and inappropriate text, before hacking into the site and pretty much deleting it all. People like that makes me want to kill, and not in the good way. As if there's a good way to want to kill (there isn't, trust me).


Yes, Arcturus was the guy who originally caused FA to break apart the first time after he decided to do things "his way" instead of consulting with the team.

I've replaced Arcturus' role.

Again, we really dislike downtime, but we'd rather have momentary downtime to fortify the site.


----------



## Tensik (Jun 8, 2006)

*RE:     This is bloody rediculous*



			
				Arshes Nei said:
			
		

> Tensik said:
> 
> 
> 
> ...



Um, I wouldn't know, I know nothing about the guy or the situation, just the recent effects and what Drag said in this thread.


----------



## Arshes Nei (Jun 8, 2006)

Dragoneer said:
			
		

> Yes, Arcturus was the guy who originally caused FA to break apart the first time after he decided to do things "his way" instead of consulting with the team.



Sorry no, both sides get the blame for that. Don't put that on Arc alone. Be mad at him for the other stuff he did, but FA's old administration was horrible.  To be honest I couldn't blame him for what he did. He was the primary funder of that server at that time.


----------



## Hanazawa (Jun 8, 2006)

Out of curiosity, is it really wise to mention him by name in the news posts? It seems like doing such a thing has the potential to simply stroke his ego, and give him the attention he seems to be desperate for.

Even if it's one of those "everyone KNOWS who did it in the back of their minds" kind of scenarios, it might be better to leave the personal notes off. it comes off as a little too personal/unprofessional to air something out in the open like that.

I only bring this up because I admin a website that's had a persistent "problem user" continue to return and wreak havoc over and over again, though honestly nothing as serious as a security breach or site downtime (he hates ME, not the site. heh). It seems to me that calling him out by name/giving him more attention only makes the problems worse.


----------



## Myr (Jun 8, 2006)

Hanazawa said:
			
		

> It seems to me that calling him out by name/giving him more attention only makes the problems worse.


He's been at this for a good year if not longer. The fact that FA is still running is cause enough for him to try to do things to harm the site and its community. Funny, because many of that community did support him when he went off for his own project. I can understand a grudge, but when you're willing to attack the very people who were following you...that's just not right.


----------



## MaLaKa (Jun 8, 2006)

**blar edit** I didnt realise he was a fellow furry :| Thats even worse lol... 

I agree with Hanazawa. Just keep up the good work admins, keep them security upgrades rolling and eventually he will pitter away. He is like a 5 year old screaming at the shops for a candy bar.. just ignore him and it will fade away. 

My 2 cents  

btw love ur work admins!


----------



## SynjoDeonecros (Jun 8, 2006)

Hanazawa said:
			
		

> Out of curiosity, is it really wise to mention him by name in the news posts? It seems like doing such a thing has the potential to simply stroke his ego, and give him the attention he seems to be desperate for.
> 
> Even if it's one of those "everyone KNOWS who did it in the back of their minds" kind of scenarios, it might be better to leave the personal notes off. it comes off as a little too personal/unprofessional to air something out in the open like that.
> 
> I only bring this up because I admin a website that's had a persistent "problem user" continue to return and wreak havoc over and over again, though honestly nothing as serious as a security breach or site downtime (he hates ME, not the site. heh). It seems to me that calling him out by name/giving him more attention only makes the problems worse.



Frankly, if he has as big of a mad-on as it seems like he does, then I doubt that it really matters if we talk about him by name or not; he'll just be attacking this site just as hard, regardless. With the incident on that Yu-Gi-Oh! board that I mentioned, the mod that was the target of the dickhead's ire didn't even mention the guy, as far as I knew, before the guy started spamming the board with shit. If someone hates a person enough to plot their ruin every single moment of the day, then no amount of silence or mentioning of their name is going to change that.


----------



## Hanazawa (Jun 8, 2006)

I'm not trying to belittle the situation, and I WAS a member of FA for about two weeks before the initial shut-down explosion event thing. ^^;

I agree that what Arcturus is doing is silly and wrong. I also think it may be against better judgement to post what is essentially, to me, a "nyah nyah lookit what he tried to do but we stopped him!!" message on the front page/in the news announcements. Simply saying "The issue arose after someone..." rather than "The issue arose after Artcurus, yet again..." would probably be sufficient and less... I dunno. Baity.

On the whole, I love the job you guys are doing, and I'm glad you were able to handle the situation quickly!


----------



## MaLaKa (Jun 8, 2006)

He will get bored of it. I would. Also thus far it hasnt really made FA unpopular or worse for ware. If anything its strengthenimh the immune system. What doesnt kill you only makes you stronger!


----------



## Hanazawa (Jun 8, 2006)

SynjoDeonecros said:
			
		

> Frankly, if he has as big of a mad-on as it seems like he does, then I doubt that it really matters if we talk about him by name or not; he'll just be attacking this site just as hard, regardless.



Agreed, but I don't think that anything can be pointed to as the administration "asking for it" is going to be good for the site in the long-run. If he's going to keep being a jerk, why give him justification for it?


----------



## Dragoneer (Jun 8, 2006)

Hanazawa said:
			
		

> I'm not trying to belittle the situation, and I WAS a member of FA for about two weeks before the initial shut-down explosion event thing. ^^;


We've left him out of the news posts in the past and have largely ignored him. However, I'm tired of covering up the actions of one single user who is out to ruin the site and the the user's experience. Were this a random netgoon, I'd not give two shits, but Arcturus wants to take credit for it, so hey, he can go right ahead.

I figure people can thank him personally.

However, we have over 20,000 accounts. That's a lot of people who deserve answers for downtime, a reason and a finger to point to. I'm not saying we haven't made mistakes in the past (we've made more than our fair share!). 

Yes, security could have been tighter, and we are constantly trying to improve.


----------



## Hanazawa (Jun 8, 2006)

Very well then, that's the kind of answer I was looking for. 

Thanks again ^^


----------



## dave hyena (Jun 8, 2006)

This is the kind of thread that increases my confidence in the FA administration & maintenence team.


----------



## Thaily (Jun 8, 2006)

What a crazy coincidence, Weird Al just wrote a song about Arc 

To the music of "You're beautiful" by James Blunt.

_________________

My life is brilliant... What, was I too early? I'm sorry should I... Do I start over or keep going? Okay. Now? Now?

My life is brilliant, your life's a joke
You're just pathetic, you're always broke
Your home made Star Trek Uniform really ain't impressing me
You're suffering from delusions of adequacy

You're pitiful, you're pitiful
You're pitiful it's true
Never had a date, that you couldn't inflate
And you smell repulsive too, what a bummer being you

Well you just can't dance, and forget romance
Everybody you know still calls ya "fartypants"
But you always have a job, well I mean, as long as you still can work that Slurpee machine

You're pitiful, you're pitiful
You're pitiful it's true
You're half undressed, eating chips off your chest 
While you're playing Halo too

No-one's classier than you.

La la la la, la la la la, la la la lo-hoseeeeer

You're pitiful, you're pitiful
You're pitiful it's true
Your dog would much rather, play fetch by itself
You still live with your mom and you're 42

Guess you'll never grow a clue
When it just sucks to be you
_________________


----------



## Emerson (Jun 8, 2006)

*RE:     This is bloody rediculous*



			
				Dragoneer said:
			
		

> I've replaced Arcturus' role.
> 
> Again, we really dislike downtime, but we'd rather have momentary downtime to fortify the site.



You've become the FA jerk? You're doing a bad job then, dude. Geez.

Also, I think the site has been running beautifully over the last few months. I figured last nights lock down was due to something screwy, though I'm surprised that Arc was behind it. He's so, like, 15 minutes ago.


----------



## Evol (Jun 8, 2006)

Only Thaily can prevent forest fires; she just chooses not to.


----------



## Silver R. Wolfe (Jun 8, 2006)

Emerson said:
			
		

> Dragoneer said:
> 
> 
> 
> ...



Lawlz.  I didn't suspect Arc either.  I thought he had given up on trying to mess up the site, but I guess I was wrong.


----------



## Suule (Jun 8, 2006)

Weee... why I'm not suprised by Arc's immaturity?


----------



## Arcturus (Jun 8, 2006)

Please feel free to direct any and all flaming of me to james@basementcoder.com, where you'll each receive a rather detailed reply of exactly what I did, how I did it and why.

And let me just state that while yes, there was a huge hole and I wrote code to take advantage of it, apart from testing it on myself and a friend to make sure it actually DID work, the only person to ever be affected, was Dragoneer, after he asked to know what the exploit was. He just shit a huge brick over it, that's all.

Don't blame the site being down, on me. I could just mentioned that 'there was a huge hole', left it like that, and then, the site could've been down for days whilst they went over it, trying to find where. But no, I even went so far as to provide a working example.

And no, I doubt I will ever leave FurAffinity alone. Why should I? If it wasn't for me, it probably would've died out back in early 2005. The administration may be, in my opinion, once again lacking, but the site is.. sort of.. going in the right direction.

And yes, I am finding these holes intentionally. If I don't, no doubt someone else WILL, with horrific malicious intent and it'll be like FA 1, where hundreds of users had their passwords posted on LJ all over again.

Peace.


----------



## Thaily (Jun 8, 2006)

[04:08] <Dragoneer[TOS]> Arc...
 [04:09] <Kellarikemisti> Yes?
 [04:09] <Dragoneer[TOS]> Give me my password
 [04:09] <Dragoneer[TOS]> Now.
 [04:09] <nrr> oh what
 [04:09] <Dragoneer[TOS]> The exploit is good and all, and we'll get it fixed... it's nice that I know about it, but...
 [04:09] <Kellarikemisti> You could always turn javascript off in your browser and hit the page again, then view the source to get it.
[04:11] <Kellarikemisti> I could just give it to you, it's true. Why should I? I did you a favour by letting you know about the exploit, instead of sending it to the far corners of the earth so everyone and their mothers coudl steal FA account.



Oh yeah, that's Arc being a nice helpful person alright.

It's obvious to everyone but Arc himself that he has a matchstick-sized hate-boner over FA because the userbase spat him out like shit-flavoured gum.


----------



## Arcturus (Jun 8, 2006)

Thaily said:
			
		

> [04:08] <Dragoneer[TOS]> Arc...
> [04:09] <Kellarikemisti> Yes?
> [04:09] <Dragoneer[TOS]> Give me my password
> [04:09] <Dragoneer[TOS]> Now.
> ...



Yes, I was helpful, by letting them know of the exploit to begin with. I was under no compulsion to. He could've gotten the password by disabling js and hitting the page, no problems. Infact, I did a GIGANTIC help, by letting Dragoneer know about this, wanna know why?

This exploit required you to know some basic html, and to be able to google for how to post a form and open a popup in javascript, all piss easy stuff. Just doing that (Code examples at http://www.basementcoder.com/ now) would've enabled you to send a link to an FA user, and then, when they opened it, you'd have control of their account. This would've been just like back in FA v1, when Jheryn had only MD5'd passwords and was storing them in a cookie and then all those cookies were stolen.

And I don't have a hate-boner over FA and the userbase never spat me out. Jheryn himself did, there is a marked difference.


----------



## Thaily (Jun 8, 2006)

*p-tooi*


----------



## Suule (Jun 8, 2006)

arcturus@scriptkiddies.org


----------



## Arcturus (Jun 8, 2006)

Thaily said:
			
		

> *p-tooi*





			
				Suule said:
			
		

> arcturus@scriptkiddies.org



Is that the best you two can really come up with? No vehement defences? No easily deniable accusations? No flights of ponderous whimsy? I'm saddened.


----------



## Tensik (Jun 8, 2006)

*RE:   This is bloody rediculous*



			
				Arcturus said:
			
		

> Thaily said:
> 
> 
> 
> ...



But you did leave out a third option.  You said you could either tell them, or you could post it to the far corners of the earth.

did you ever consider the option of just . . . walking away and not looking back?  I don't know you and don't have an opinion one way or the other, but it's pretty obvious to me that these guys really would be much happier if you didn't do this type of thing.  If you left, and someone broke in, that's on their shoulders now and unless I'm missing something where the servers are on your space or you have an actual continuing (not previous, continuing) stake in the site that I am unaware of, it's not your problem.


----------



## Thaily (Jun 8, 2006)

Why put the effort into making a well-thought out post? You're obviously denser than the blubber in Roseanne Barr's ass.


----------



## Arcturus (Jun 8, 2006)

Thaily said:
			
		

> Why put the effort into making a well-thought out post? You're obviously denser than the blubber in Roseanne Barr's ass.



No, please, make a well-thought out post. I'd like to read it. Irregardless of whether I may, or may not be dense (I'm not so sure that I am, but that's another matter entirely), you should make the post. I will read it, others will read it, it could enlighten or foreshadow parts of this entire situation.


----------



## Thaily (Jun 8, 2006)

Yeah, I'm totally gonna do you a favor.
Just be thankful I don't do favors for you the same way you're doing favors for Dragoneer, FA and it's userbase.

I'm gonna do something constructive, unlike you.


----------



## Arcturus (Jun 8, 2006)

Thaily said:
			
		

> Yeah, I'm totally gonna do you a favor.
> Just be thankful I don't do favors for you the same way you're doing favors for Dragoneer, FA and it's userbase.
> 
> I'm gonna do something constructive, unlike you.



So.. you're just blatantly refusing to talk on the issue further after making what appears to be some baseless accusations? I thought you could do better, Thaily, I really did. I thought you were actually capable of delivering a well thought out, coherant argument for why I perhaps should not have done what I did, or perhaps, even a single justification for saying I have a 'matchstick-sized hate-on' for FurAffinity, but alas, this seems to not be the case. A shame, really.


----------



## Arshes Nei (Jun 8, 2006)

It's RIDICULOUS but whatever.

You know FA has a lot of flaws, no denial, months, and almost a year has gone by where the same warnings were in place, were not fixed. I guess that's fine because people just want a community. Understandable, but given the circumstances and past it doesn't kill to really evaluate your admin structure and coders. "We're in the process"...you've been so for a LONG time. It's the same song and dance, with returning members, extras and new actors.  Need more sequels?

What bothers me is that Arcturus, you think you're doing them favors, with the mentality, it could have been worse if it was someone else. The last 3 attacks were by YOU. I'm waiting for the SOMEONE ELSE for a while now.

I do not appreciate having a coder from our team fixing up your crap. While it was gracious of nrr to help FA out because I acknowledge it wasn't that much time for him to come up with a fix, it still means in a way we're fixing your BS.

To FA again: if you're upset by these attacks, then ban him, the more you leave him on the forums, IRC and main site regardless of people defending him, says you condone it, or don't really see this behavior as serious to your site.

Otherwise stop complaining about what he did, because it's not very becoming either :/


----------



## Arcturus (Jun 8, 2006)

Arshes Nei said:
			
		

> It's RIDICULOUS but whatever.
> 
> You know FA has a lot of flaws, no denial, months, and almost a year has gone by where the same warnings were in place, were not fixed. I guess that's fine because people just want a community. Understandable, but given the circumstances and past it doesn't kill to really evaluate your admin structure and coders. "We're in the process"...you've been so for a LONG time. It's the same song and dance, with returning members, extras and new actors.  Need more sequels?
> 
> ...



Whether anyone from your team ends up fixing it or not is not really any of my business, nor will I let it affect my decisions in any way, shape or form. And just because we haven't HEARD about these 'someone else', doesn't mean they don't exist.


----------



## nullenigma (Jun 8, 2006)

Here's a stupid but amusing metaphor.

Hypothetical scenario. Arc is in the oval office, Bush has nuclear launch codes on a post-it on his computer monitor.  Is it moral to start WW3 because there's poor security?


----------



## Emerson (Jun 8, 2006)

*RE:  This is bloody rediculous*



			
				nullenigma said:
			
		

> Here's a stupid but amusing metaphor.
> 
> Hypothetical scenario. Arc is in the oval office, Bush has nuclear launch codes on a post-it on his computer monitor.  Is it moral to start WW3 because there's poor security?



I think you mean analogy. Here's a better one, though:

You see that your neighbor's car is leaking gasoline from the tank. Do you:

A) Knock on their door and tell them that their car is leaking gasoline and they should get it fixed.

or

B) Light a match and throw it into the gasoline, destroying the car in a ball of flame. Then, when they run out screaming and asking why you blew their car up, tell them that it was leaking gas and you wanted them to know about it and they're lucky it was you because if it was someone else it could have been worse.


----------



## nullenigma (Jun 8, 2006)

Emerson said:
			
		

> nullenigma said:
> 
> 
> 
> ...




Hahaha! Yours is much better xD


----------



## Dragoneer (Jun 8, 2006)

silverwolfe said:
			
		

> Lawlz.  I didn't suspect Arc either.  I thought he had given up on trying to mess up the site, but I guess I was wrong.


He did it right in the FA IRC channel, too.


----------



## lolcox (Jun 8, 2006)

This thread, as well as a very good percentage of the furry fandom, is stupid.

All of you are wrong, really.

The FA team was wrong for leaving such a gaping hole there. It was really, really, only a matter of time before a script kiddie got around to it.

Arcturus was wrong, for even telling you about it. Should've just ignored it, and washed his hands of it. 

You'd still have blamed him for it anyway, when it did come to fruition, from what I gather.

Just dump the whole fucking thing in the shitcan, and write it all again. From scratch.

And for fuck's sake... learn proper X/HTML. Don't use a DTD that claims you're XHTML 1.0 Transitional, and not even comply.


----------



## Dragoneer (Jun 8, 2006)

Arshes Nei said:
			
		

> I do not appreciate having a coder from our team fixing up your crap. While it was gracious of nrr to help FA out because I acknowledge it wasn't that much time for him to come up with a fix, it still means in a way we're fixing your BS.
> 
> To FA again: if you're upset by these attacks, then ban him, the more you leave him on the forums, IRC and main site regardless of people defending him, says you condone it, or don't really see this behavior as serious to your site.
> 
> Otherwise stop complaining about what he did, because it's not very becoming either :/


Nrr offered to assist us with it, so your beef is with him and not us.

Now, I know not everything in FA Code Land is not merry, not perfect. I know that we have much to improve on, and with the addition of Arrow Tibbs and Yak, our focus has been entirely on improving the code and awareness of the bugs.

Arc is hereby permanently banned. I had banned him before and lifted the bans because I hate to have to drop down bans and it's not my style. However, everytime we give Arc an opportunity he takes and uses that opportunity to fuck us over.

I'm all for finding exploits and finding ways to closing said exploits. After having my account compromised and Arc telling me it was my job to go find it... it was the last straw. I was not going to waste time trying to figure out where the hell my own password may (or may not) be while somebody is potentially logging into my account and doing damage.

But, it's been handled. Security is being bumped up to the new priority for the coding group. I'm not saying this wasn't FA's fault because the hole was there and it was an issue, but his "reveleation" of the bug was handled wrong.


----------



## Wolfblade (Jun 8, 2006)

edit:

Permabanned. Good. Nevermind then >_<


----------



## Wolfblade (Jun 8, 2006)

On a side note... under the whole "we gave him chances, and he always uses them to fuck us over"....

I saw on another thread mention of someone who had something to do with downtimes in the past. There was some indication that they might be leaning towards it again.

I really would hope that the users of this site, who I'm sure are tired of all the downtimes and attacks and problems and shit, would REALLY not mind too much if you guys became just a SMIDGE more pre-emptive in getting rid of users who were connected to KNOWN threats in the past.

I'm not saying witch hunts. I'm just saying Zero-tolerance for people involved in harming this site. If you know someone helped fuck the place up once, there is NO reason they need to ever be given the chance again.

For the love of god, stop acting like banning someone is as bad as murdering them. If someone is a serious and known threat to the functionality and happiness of this community, it is your duty to the community to remove the threat.

Please?


----------



## Dragoneer (Jun 8, 2006)

lolcox said:
			
		

> The FA team was wrong for leaving such a gaping hole there. It was really, really, only a matter of time before a script kiddie got around to it.
> 
> Arcturus was wrong, for even telling you about it. Should've just ignored it, and washed his hands of it.
> 
> You'd still have blamed him for it anyway, when it did come to fruition, from what I gather.


Xial,

We only put the proper blame where the blame lay, and when we have proof. At least under this administration. I can not speak for the prior FA.

The hole should never have been there and it was a dangerous exploit which, thankfully, has been fixed. We're amping up our focus on security for the site. Again, it shouldn't have been there but it was.

Arcturus was kind enough to show us where the vulnerability lay which we were able to fix. Unfortunately, he chose not to handle in a mature manner.


----------



## lolcox (Jun 8, 2006)

Arshes Nei said:
			
		

> Otherwise stop complaining about what he did, because it's not very becoming either :/


You're dealing with Lol, Furries, Arshes.
Of course you should expect metric fucktons of lol, whining.



			
				Dragoneer said:
			
		

> Nrr offered to assist us with it, so your beef is with him and not us.


nrr probably felt sorry for those who tolerate the spaghetti code you guys are using. Beef returns to you. Use it to make a hearty, rich sauce for your spaghetti.



			
				Dragoneer said:
			
		

> Now, I know not everything in FA Code Land is not merry, not perfect. I know that we have much to improve on, and with the addition of Arrow Tibbs and Yak, our focus has been entirely on improving the code and awareness of the bugs.


Then fix damned /msg/submissions/ - you have the rating outlines on EVERYWHERE but there. I'm sure you have a number of support tickets for it, too.

Fix your damn XHTML. Your main page alone pisses off the validators.

Name your damn elements and tables with unique names (... id='blah'). That way, I can use extensions such as Stylish, to simply carve the lackluster UI you present into something that's readable and more streamlined.

Turn that damn sidebar into an unordered list. Give that some proper naming, too. 

Explain why the hell you keep dropping UNIX Timestamps into the filenames.
Don't claim it's to prevent filename collision - you're already doing that by prepending the user's damned name to the file.
Is it that hard to say to the user, "Hey, you've already got a file here with that same name. This is what the file looks like: (image). Do you wish to overwrite this file, present this image as an alternate version (which would rock for people who upload several sketches of the exact same picture) to the current, or rename the file you're uploading to use it as a new submission?"



			
				Dragoneer said:
			
		

> Arc is hereby permanently banned. I had banned him before and lifted the bans because I hate to have to drop down bans and it's not my style. However, everytime we give Arc an opportunity he takes and uses that opportunity to fuck us over.


lol, b&.
Idiots.



			
				Dragoneer said:
			
		

> I'm all for finding exploits and finding ways to closing said exploits. After having my account compromised and Arc telling me it was my job to go find it... it was the last straw. I was not going to waste time trying to figure out where the hell my own password may (or may not) be while somebody is potentially logging into my account and doing damage.


It IS your fucking job. You help manage that spaghetti heap. You should know your own damn sauce.



			
				Dragoneer said:
			
		

> But, it's been handled. Security is being bumped up to the new priority for the coding group. I'm not saying this wasn't FA's fault because the hole was there and it was an issue, but his "reveleation" of the bug was handled wrong.


Way to man up in the end.



			
				Wolfblade said:
			
		

> I really would hope that the users of this site, who I'm sure are tired of all the downtimes and attacks and problems and shit, would REALLY not mind too much if you guys became just a SMIDGE more pre-emptive in getting rid of users who were connected to KNOWN threats in the past.


Guess it's time to get rid of Jheryn, eh? :B


----------



## Dragoneer (Jun 8, 2006)

lolcox said:
			
		

> Dragoneer said:
> 
> 
> 
> ...


I am not a coder and do not handle the coding.



			
				lolcox said:
			
		

> Guess it's time to get rid of Jheryn, eh? :B


No. The problem is we've all got busy schedules. Jheryn is a full time college student who doesn't have time right now, which is one of the reasons we're we're looking for new coders. Jheryn will have time again, soon. And he is working on coding when he can.


----------



## Wolfblade (Jun 8, 2006)

They might be more able to work on all the niceties of 'how the site works/looks' if they weren't having to worry about fuck-ass exploit attacks all the time.

Though if there are really THIS MANY holes in the code, I mean, I dunno guys. 

Is there ANY consideraton being made to start from scratch? With someone who SOLIDLY knows what they are doing?

I'm not saying take the site down and rework it. I'm not saying take it down until somebody builds something better. I'm saying have the >most experienced< code types work on building a new FA site code. Start over. From scratch. Or from a different base template or SOMETHING, I don't know, and leave the rest of the staff to keep this place going as it is. 

There is a currently working site, if people would leave it the hell alone. Let that stay up, and build a replacement in the shadows. START with making sure ALL submissions and accounts will be able to transfer properly (I never did get my old account to import right) and then when the new code is ready, tested, beta'ed, retested, retested, retested, and you KNOW it works solidly, THEN put it up in place of this one. 

I honestly don't know coding and stuff. I don't know how hard or easy this would be. It just really seems like it CAN'T be much more trouble than trying to hold the spaghetti-ship together is seeming to be.


----------



## Emerson (Jun 8, 2006)

I don't know coding, or how big or how many holes FA has, so I don't want to get TO deep into this.

HOWEVER...

As someone who works in the security industry I can tell you that if someone knows what they're doing, and if they want into your premise (or website) bad enough, they WILL get in. Period. It's just a matter of time. So the idea of a perfect FA that never gets hacked? Not gonna happen.


----------



## wut (Jun 8, 2006)

Wolfblade said:
			
		

> There is a currently working site, if people would leave it the hell alone. Let that stay up, and build a replacement in the shadows. START with making sure ALL submissions and accounts will be able to transfer properly (I never did get my old account to import right) and then when the new code is ready, tested, beta'ed, retested, retested, retested, and you KNOW it works solidly, THEN put it up in place of this one.



They did that last time. The time before that, too. 

Though I guess "rebuilding from scratch" is codetalk for "rehashing the same damn codebase every time and presenting it in a way that doesn't make this recognizable at first glance" here.


----------



## Wolfblade (Jun 8, 2006)

wut said:
			
		

> They did that last time. The time before that, too.
> 
> Though I guess "rebuilding from scratch" is codetalk for "rehashing the same damn codebase every time and presenting it in a way that doesn't make this recognizable at first glance" here.



No see, that's what I mean. No more "starting from scratch" as in "reworking the code from the ground up" or whatever.

ACTUALLY start with new or different base code. Snover over at Y! has said he might be willing to share that site's code if someone qualified and serious enough asked him for it. Or make a new code. Rather: someone who completely and thoroughly knows what they're doing make a new code. Good intentions and nicest guy ever, and well meaning, and all other happy blah blah aside, if someone is an amateur coder, or a professional that still has quite a ways to go, they should not take it as an insult that a more experienced and talented person is needed to do the job right.

Since before the split even, I've always heard people saying "the code sucks. the code sucks. the code sucks." Even if we were to just ignore them all, there's the fairly often "we found another hole, gotta fix it" to suggest they can't be ENTIRELY wrong. Set the pride aside, and if the code is this flawed, admit it and get some that isn't.

The site works for now. Cool. Great. But all the time and energy you guys could be putting towards user suggestions and making the site more functional and friendly to use has to go JUST to keeping the thing's holes duct-taped together. I really am by no means trying to belittle the monumental effort you guys are putting into this, but the more hard work we have to assume you guys are making, the LESS it makes sense to put that kind of crazy energy into JUST keeping it afloat, with all the other concerns that simply can't ever be addressed the way things are now.


----------



## Jirris (Jun 8, 2006)

Hey, shouldn't Arc be working on his own site anyways?

I guess that explains where art-whatever-the-hell-it's-called-now isn't.

Someone sounds *awfully* bitter that there is only one of the two proposed artsites up and running.

Ok, enough caustics.

Considering the previous fantastic failures in FA's past, I'm happy to see them running.  Arc was very nice to offer his time and money to run the site for the time he did, but that ended ugly and he has to move on instead of 'helping'.  I'm very happy that FA is working to get better coders working for the site, because it does have a lot of problems, even ones that a computer-illiterate like me can see.  

I lied, a bit more rage-ahol.

Lolcox, go eat a dick.  If you're going to be helpful (in the real sense, not in the Arc sense of sucker punching and claiming it was a lesson to avoid suckerpunches), feel free to stick around.  Otherwise, go do whatever it was you were doing before hand.


----------



## Arshes Nei (Jun 8, 2006)

Jirris said:
			
		

> Hey, shouldn't Arc be working on his own site anyways?
> 
> I guess that explains where art-whatever-the-hell-it's-called-now isn't.
> 
> Someone sounds *awfully* bitter that there is only one of the two proposed artsites up and running.



If you mean AP the project went on without him, just under a different name. So he's no longer involved, but it is still being worked on.

However, caustic, the other poster (lolcox) did make some real points. He's not exactly condoning Arc either, but he said in his first post all sides were wrong.


----------



## Jirris (Jun 8, 2006)

Arshes Nei said:
			
		

> If you mean AP the project went on without him, just under a different name. So he's no longer involved, but it is still being worked on.



Ah.  Excuse me while I eat a fair amount of crow.

...

Ok, I did not know that.  My bad.  I appologize for blatantly trolling a defenseless target.



			
				Arshes Nei said:
			
		

> However, caustic, the other poster (lolcox) did make some real points. He's not exactly condoning Arc either, but he said in his first post all sides were wrong.



I agree with that.  Remember, I threw a big fit back in the day when Xax was banned for making '.' a user-name and crashing the site.  No, I will not discuss that now in any way, shape or form in this thread.  Responses about it from anyone will be ignored.

I think that Arc's testing of the site was partially valid, but handling of the situation was petty and immature.  I think that FA's staff frequently goes ahead with the site without really testing it.  That's why my password for this site is unique to it, and not used anywhere else on the internet.  I still don't trust the staff of FA to run a tight ship, but I will use their services because I like what they already give us.

However, Lolcox decided that it was cool to come to the board and begin tossing fire around on his first post.  It was not constructive in any way and serves primarily for flamebait.  I feel somewhat justified to tell a troll to go eat a wang sandwich.


----------



## Arshes Nei (Jun 8, 2006)

Jirris said:
			
		

> Arshes Nei said:
> 
> 
> 
> ...



That is quite alright, perhaps seeing this thread and his behavior now gives you some insight why our team decided to part ways, although we did offer a compromise at the time.

Past is past, our project moves on.





			
				Jirris said:
			
		

> I agree with that.  .. (edited)
> 
> 
> However, Lolcox decided that it was cool to come to the board and begin tossing fire around on his first post.  It was not constructive in any way and serves primarily for flamebait.  I feel somewhat justified to tell a troll to go eat a wang sandwich.



I think the problem is there is some bitterness and resentment from people who have tried to actually help or advise FA in the past, at first they were gentle about it and it just became a boiling point where it was more yelling than anything. So I belive some of the reason the way the post was worded was due to this. I am not going to deny that even I have some of this, but it also has to do with a pet peeve of repeating myself. So either now I laugh at it, which by definitions of a sensitive fandom = trolling or just say it bluntly.

People like FA for the community, so I think they're a bit more forgiving towards things that they'd normally not tolerate, and that is alright, but you also can't blame people for being frustrated either.


----------



## Myr (Jun 8, 2006)

It's one thing to expose a gaping hole, but it's another to take advantage of it, act immaturely, and deliberately take over an admin account. Given the fact that we've caught Arcturus hacking the site in the past so many times I don't see how he can be trusted. Sorry, but he's no "good samaritan" like he wants to be made out to be. We're not going to take another risk when it involves someone so determined to attack and undermine the site in every way possible, from stealing the artwork of users who would have supported the AP project but happen to be on FA, to bitching about a little pointless icon shown on the site that regular users just don't care about.


----------



## Arshes Nei (Jun 8, 2006)

DragonMyr said:
			
		

> from stealing the artwork of users who would have supported the AP project but happen to be on FA, ...



I'm sorry, what? Clarify.


----------



## Dragoneer (Jun 8, 2006)

Arshes Nei said:
			
		

> DragonMyr said:
> 
> 
> 
> ...


I believe it's in reference to Arcturus using the original copy of FA's database for his own site without FA's permission to do so.


----------



## Arshes Nei (Jun 8, 2006)

Dragoneer said:
			
		

> Arshes Nei said:
> 
> 
> 
> ...



Ehh, that's still a wishy washy situation, considering the idea was for the user to have the option to log in and reclaim it or delete it.


----------



## Myr (Jun 8, 2006)

Dragoneer said:
			
		

> Arshes Nei said:
> 
> 
> 
> ...


Oh, no, I thought he had permission for that... That was back when I didn't want any part in this conflict at all. What caused me to take a side against Arc was his AI commentary system where he'd go grab artwork from artists on FA and then let his buggy AI scripts or whatever he was using write inflamatory comments about that artwork. It sounds harmless, but when you consider the fact that several of these artists were on the list to be imported to AP and supported Arc's plan to make an alternative to FA it's not quite so harmless anymore. It just goes to show he's willing to bite the hand that wanted to feed him and slap community members, who have no part of this FA/Jheryn-grudge nor interests in taking sides, that were willing to support his concept for an artwork site. I know he's no longer part of AP, but that sort of activity is just....I can't really put a word on it. It's not specifically the site itself, but moreso the overwhelming amount of blind rage used in the poorest and most useless of manners.


----------



## Arshes Nei (Jun 8, 2006)

Ahh ok you mean the "FA Horrors" sort of board.


----------



## Myr (Jun 8, 2006)

Yeah, that thing. It has artwork from at least 2 people I know who were very anxious to make the switch from FA to AP back when it was supposed to go up around FurCon (or FC...whatever that thing was  ). I can understand a grudge with Jheryn, but Arc is just taking it too far and expanding his targets to include those who would support him. It's just not right.


----------



## uncia2000 (Jun 8, 2006)

OK, this is drifting from the original topic, I'm sure.

Besides, it isn't "a grudge with Jheryn" and the site has only been back, fast, for just over four weeks not two months (previous post).



			
				SynjoDeonecros said:
			
		

> I'm getting rather sick of all the down time, lags, and such plaguing the site, recently. At first, I was under the slightly understanding impression that it was a normal problem due to the heaps of y!gallery exiles storming in for sanctuary, but now I'm not so sure. I remember back before this site's death and rebirth, that it was plagued with about the same kind of problems it's having, now.


Greets.

The two outages last night were 1 hour 45 minutes followed by 45 minutes.
Both of these would have been rather longer (and the second not properly ID'd in as timely a manner) were it not for nrr, but under the circumstances I think those have to be accepted for what they were.

What about other "down times", "lags", etc.?
*
There have been two other very short unannounced outages in the past 7-10 days, I think, and a degree of lag from time-to-time (at least in part not internal to FA). The minority of those are userbase load related and compared with the situation before gushi/crypto's database optimisations the system is running vastly quicker almost all the time. 
The feedback comments in the current questionnaire would also appear to reinforce that point-of-view.

If this is deemed a systemic failure large enough to render FA unusable to you, please do continue to let us know your opinions on such matters. Better to voice those than just leave us to presume people are "generally happy" with speed/uptime.
_And I do appreciate individuals have different tolerances: 2-3 months ago we still had people with saint-like patience still trying to use the system at peak time, with average 180-240 second response times._

Regards,
David.


----------



## Myr (Jun 8, 2006)

Uncia, after you left for work the site was locked for another good 2 hours or so. >^.=.^<;;;; But compared to the past history of FA where a hacking attempt or incident would shut the site down for days or a week to just a white screen, I'd say we're doing a pretty good job with those outages yesterday.

Everyone, remember, we did some system lockdowns that took a couple hours out of the day. Messages were posted especially during the latest outage explaining what was going on. No one lost any data, the problem was repaired, and the site was re-openned for public use. Honestly, if yesterday's downtime was rediculous, then I think that's really showing just how far this site has come in the past 6 months. Remember, earlier this year you would have been watching a white screen all day long with  maybe a short message. Last year you would have been seeing that white screen for a week at best with data loss. Yesterday, the site got locked down, displayed an error, news was posted about the cause of the lockdown, and the site openned to the public later at night without any data loss and without a white screen.

We would like to avoid downtime as much as possible and have been working to make that a reality. We're going to hit a few bumps in the road and have to close for a bit like what happened yesterday. It's unfortunately true on every site. :/


----------



## uncia2000 (Jun 8, 2006)

DragonMyr said:
			
		

> Uncia, after you left for work the site was locked for another good 2 hours or so. >^.=.^<;;;;


Hmm... I was going by the traffic meter. 



			
				DragonMyr said:
			
		

> But compared to the past history of FA where a hacking attempt or incident would shut the site down for days or a week to just a white screen, I'd say we're doing a pretty good job with those outages yesterday.


Is no joke, Myr.



			
				DragonMyr said:
			
		

> Last year you would have been seeing that white screen for a week at best with data loss.


Well, that could have been the same again this time: you're rather comparing apples and pears, there. i.e. not the action of hacking, but what the hacker actually does once they're inside.
On this occasion they chose not to delete data malevolently... but on the plus side, I'm sure our backups are a lot better than back then, too.

No need for us to be complacent, anyhow.


----------



## Dragoneer (Jun 9, 2006)

uncia2000 said:
			
		

> DragonMyr said:
> 
> 
> 
> ...


45 minutes offline, while more time was spent in read only.


----------



## Ethan (Jun 9, 2006)

Ridiculous? More like ricockulous, am I right guys?


----------



## WHPellic (Jun 9, 2006)

uncia2000 said:
			
		

> Hmm... I was going by the traffic meter.



Uncia the meter maid?


----------



## Pico (Jun 9, 2006)

You know, I'm preeeety sure I (or someone else) brought up the whole lack of old password confirmation box thing many months ago; this could have been easily prevented with that obvious and important little addition.  Arc told me his exploit was really easy to do, and he even documented it on his site ( www.basementcoder.com ).  So umm basically, while it's true that every website out there has vulnerabilities, FA still has a whole bunch of them that even the most amateur ~*hacker*~ can figure out ways to exploit.

I've def. been in favor of having FA rewritten from stratch (not like before when it was only supposedly rewritten heh) by someone competent enough to know how to prevent these basic exploit attempts.  I'm not saying Arc was right in doing what he did, but I know some of folks out there would have done worse if they just weren't so lazy.  And FYI, banning arc and flailing your arms about this might just tick him off and encourage him to try even more stuff...without him telling you what he's done ;o)  He hasn't told me if he has any plans to do that, and I kind of doubt he would at this point, but anything's possible~


----------



## Wolfblade (Jun 9, 2006)

You really shouldn't be nice to someone just because they may knock over your sandcastle if you don't.

If they're threatening to knock it over, or caving in a wall here and there, they are a dick and a childish bully. They deserve to be called whatever their behavior makes them. 

And really, whatever happened to "a person is judged by the company they keep"?

It used to be that people who weren't assholes didn't hang out with people who were. Or, if you're friends with someone who is doing something you know is wrong, you try to talk them out of it, or you stop being friends with them. Maybe its just me, but I personally will never understand how anyone can be friends with someone who fucks around with other people just to be petty. Unless they don't see anything wrong with it themselves.

Im not meaning this to attack anyone, just a general questioning statement in the hopes that maybe someone can explain it to me; how can you be friends with someone who does something so wrong to people who have never given him reason to (the users), unless you personally don't see anything wrong with what they are doing?


----------



## kitetsu (Jun 9, 2006)

Wolfblade said:
			
		

> how can you be friends with someone who does something so wrong to people who have never given him reason to (the users), unless you personally don't see anything wrong with what they are doing?



War isn't a game where the good guys always win.


----------



## dave hyena (Jun 9, 2006)

I think it is fair that Arcturus is permabanned from orbit, it's the only way to be sure.

However, I have heard that corperations may pay other corperations to attempt to break into a computer system that uses an identical set up to their own network, in an attempt to find out security holes and such and how to fix them.

In order to shore up security here in a constructive and positive way, Could such a thing be done by the most trustworthy and skilled people on the team? would such help?


----------



## Emerson (Jun 9, 2006)

*RE:  This is bloody rediculous*



			
				uncia2000 said:
			
		

> _And I do appreciate individuals have different tolerances: 2-3 months ago we still had people with saint-like patience still trying to use the system at peak time, with average 180-240 second response times._



Yo.


----------



## Wolfblade (Jun 9, 2006)

kitetsu said:
			
		

> Wolfblade said:
> 
> 
> 
> ...



I'm sorry, how is that relevant to my question? 

War? This isn't war. This is one ass-hat's personal grudge against another person causing shit for a whole mess of people who never had anything to do with EITHER side's bullshit. It isn't a war, but it is obviously some kind of game to him. A person who plays games at other peoples' expense is rarely a person of much worth.

Yeah, the good guys don't always win. But they might win a bit more often if some of the 'good' guys would be a bit less quick to buddy buddy with the bad guys. 

I'm sorry, but a person who does shitty things to other people who've never done them any wrong, is quite likely a shitty person. If they're not a shitty person, you can usually talk them out of doing shitty-person things. If you CAN'T talk them out of doing those things, they're all the more likely to be a shitty person. And if you're ok with being friends with a shitty person, you just can't be too bothered by this shitty shit they pull. Which makes your own potential for shittyness get brought into question.


----------



## Arshes Nei (Jun 9, 2006)

Dark Helmet said:
			
		

> So, Lone Star, now you see that evil will always triumph because good is dumb.


----------



## Pico (Jun 9, 2006)

Wolfblade said:
			
		

> You really shouldn't be nice to someone just because they may knock over your sandcastle if you don't.
> 
> If they're threatening to knock it over, or caving in a wall here and there, they are a dick and a childish bully. They deserve to be called whatever their behavior makes them.


lol i know FA will never be nice to Arc and I never expected them to, but I don't think banning him will solve any problems, that's all ;o)



			
				Wolfblade said:
			
		

> And really, whatever happened to "a person is judged by the company they keep"?
> 
> It used to be that people who weren't assholes didn't hang out with people who were. Or, if you're friends with someone who is doing something you know is wrong, you try to talk them out of it, or you stop being friends with them. Maybe its just me, but I personally will never understand how anyone can be friends with someone who fucks around with other people just to be petty. Unless they don't see anything wrong with it themselves.


I'm a jerk, what can I say? :*)  I find it hard to be super nice to people about problems they have that could have been fixed real easily early on, especially when I or someone else reminded them of it back then~


----------



## Wolfblade (Jun 9, 2006)

Arshes Nei said:
			
		

> Dark Helmet said:
> 
> 
> 
> > So, Lone Star, now you see that evil will always triumph because good is dumb.



Sure seems that way doesn't it? Not banning someone permanently after the FIRST (or second) time they bring your site down seems to have been established as poor judgement. But good is learning! ^_^

I can appreciate the good-sounding reasoning between letting the guy still use the site up till now despite everything he had >already< done, but guys please remember: Keeping the high road is all good and all, but the people in the ditch will still be able to hit you with mud. Sooner or later you have to step down into the ditch with them and do something about it.

Or just keep letting the little monkies fling their poo atcha.



			
				Pico said:
			
		

> lol i know FA will never be nice to Arc and I never expected them to, but I don't think banning him will solve any problems, that's all ;o)



Well, they tried 'hm, let's give him the benefit of the doubt' and that obviously didn't work, so now they're trying a different direction. Logical. Reasonable. Makes Sense. Obviously though, he's demonstrated that as long as he feels the need to fuck with the place, he's going to do so no matter what they do. That doesn't mean they need to make it any easier for him. And even if they DID make it easier for him, that doesn't make him LESS of a bad person for doing it.



			
				Pico said:
			
		

> I'm a jerk, what can I say? :*) I find it hard to be super nice to people about problems they have that could have been fixed real easily early on, especially when I or someone else reminded them of it back then~



Yeah, but could we please stop ignoring one little tiny but ever-so-crucial detail?

If you warn someone, and they don't listen, and Someone Else fucks them over, that's on them. They're asses for ignoring your sagely wisdom.

If you warn someone, and they don't listen, and YOU fuck them over, it _does not matter_ how "it woulda been worse if Someone Else did it." You're still an asshole for doing what you did. It is not in any way noble to offer someone an umbrella, then dump a bucket of water on them when they say 'no thanks.'

And telling people how it's their own fault that your friend keeps messing their shit up displays a pretty skewed understanding of how responsibility works. 

To use an already stated analogy; it is not the fault of the homeowner who didn't buy an alarm that his house got burglarised. It is the fault of the burglar. I'm pretty sure they don't award medals to security system salesmen who rob the non-buyers to teach them a lesson.

Arcturus is not doing anyone any favors. Not the way he is going about it. Saying "hey guys, this hole is there" would be doing them a favor. 

"oh, but he did that and they ignored him"

So walk away and leave the place to flounder on its own. He's not some kind of saint for trying to knock it down himself. I really just do not understand how peoples' views can be so skewed as to think his behavior is justified.

If you defend a person's actions; you're defending the person's actions. 

Don't defend someone's actions if you don't approve of them. And if you approve of them, just come out and say it.


----------



## Pico (Jun 9, 2006)

Wolfblade said:
			
		

> Yeah, but could we please stop ignoring one little tiny but ever-so-crucial detail?
> 
> If you warn someone, and they don't listen, and Someone Else fucks them over, that's on them. They're asses for ignoring your sagely wisdom.
> 
> ...


heh, just so you know, he told me about the bug and then almost immediately went to Dragoneer himself and told him.  I never claimed Arc was a saint, but at least the bug is fixed now ;o)  Plus: there was no actual harm done to FA, aaaand I already admitted I'm a jerk; this is just the internet, so relax, ok? :*)

Also, if someone left their front door wide open, I wouldn't feel very sorry for them if a person came in and stole stuff !


----------



## Dragoneer (Jun 10, 2006)

Pico said:
			
		

> heh, just so you know, he told me about the bug and then almost immediately went to Dragoneer himself and told him.  I never claimed Arc was a saint, but at least the bug is fixed now ;o)  Plus: there was no actual harm done to FA, aaaand I already admitted I'm a jerk; this is just the internet, so relax, ok? :*)
> 
> Also, if someone left their front door wide open, I wouldn't feel very sorry for them if a person came in and stole stuff !


We would have gotten it fixed rightaway, too. What I didn't appreciate was Arcturus not giving me my password back right away and dangling it like a prize for me to find. I had no idea what his intentions WERE and all I could go by were assumptions, and my assumptions were based on the security of the site.

If somebody finds an exploit, and tells it directly to me... I will ensure it gets fixed ASAP. Sometimes these h4x warnings are given out over IRC or in cryptic posts that I may miss. Generally, I'm doing a lot of other things than watching an IRC chat even when logged in.


----------



## uncia2000 (Jun 10, 2006)

Dragoneer said:
			
		

> I had no idea what his intentions WERE and all I could go by were assumptions, and my assumptions were based on the security of the site.


(typed before asking)
Would've thought that was obvious enough: i.e. to wind you up a bit (because another obvious security exploit had been left wide-open and action is rarely seen to be taken unless a lil bit of pointy stick is used), rather than destroy the site... 

Arc says
"<Kellarikemisti> My intentions, was for the hole to get fixed, and for me to be able to screenshot his userpage when the page changed his name to 'Arcturus Is My Hero'
<Kellarikemisti> I may dislike the admins, but I don't wanna see users losing their accounts."

Pretty close to my guess.


----------



## Dragoneer (Jun 10, 2006)

uncia2000 said:
			
		

> Would've thought that was obvious enough: i.e. to wind you up a bit (because another obvious security exploit had been left wide-open and action is rarely seen to be taken unless a lil bit of pointy stick is used), rather than destroy the site...


Were the the case he would have returned the password.


----------



## uncia2000 (Jun 10, 2006)

Dragoneer said:
			
		

> uncia2000 said:
> 
> 
> 
> ...


You just asked re. what his intentions were and I relayed those since you wouldn't have heard otherwise.

Yeah, the wind-up was unnecessary and went on for a few minutes too long, even if the password was in plain site (disable JS and view the source on the URL provided). And I can appreciate being on the sharp end of "games" like that with regards to potentially deadly-serious matters.
There's just too much "history" involved in this particular case, unfortunately. 

Pico's comments (above) are fundamentally correct, though. And we do still have security flaws and vulnerabilities.


----------



## uncia2000 (Jun 10, 2006)

Dragoneer said:
			
		

> uncia2000 said:
> 
> 
> 
> ...


You just asked re. what his intentions were and I relayed those since you wouldn't have heard otherwise.

Yeah, the wind-up was unnecessary and went on for a few minutes too long, even if the password was in plain site (disable JS and view the source on the URL provided). And I can appreciate being on the sharp end of "games" like that with regards to potentially deadly-serious matters.
There's just far too much "history" involved in this particular case, unfortunately. 

Pico's comments (above) are fundamentally correct, though, IMHO. And we do still have security flaws and vulnerabilities.


----------



## Dragoneer (Jun 10, 2006)

uncia2000 said:
			
		

> And we do still have security flaws and vulnerabilities.


Which is why we've pulled Yak on and will probably pull another coder as well.


----------



## Wolfblade (Jun 10, 2006)

Pico said:
			
		

> heh, just so you know, he told me about the bug and then almost immediately went to Dragoneer himself and told him.  I never claimed Arc was a saint, but at least the bug is fixed now ;o)  Plus: there was no actual harm done to FA, aaaand I already admitted I'm a jerk; this is just the internet, so relax, ok? :*)



No-one is complaining that he pointed out the bug. That is of course appreciated. The problem is that HOW he pointed out the bug was childish and petty and so he is being called such. 

Another thing; people put work into this. Effort. Time. Money. Even if you have some personal gripe with the staff, the users still come here to de-stress, relax, talk with friends, and yes, wank.  The fact that it is on the internet does not suddenly and magically make all that go away. 

Internet or not, someone is letting a petty personal grudge inconvenience quite a few people who had no issue with him at all. The person who manages to be the least serious about anything is not somehow made right through the magic of indifference. The fact that you or someone else may not care about something does not invalidate the feelings of those who do.



			
				Pico said:
			
		

> Also, if someone left their front door wide open, I wouldn't feel very sorry for them if a person came in and stole stuff !



The difference being: are you a neutral bystander laughing at the owner of the house, or are you friends with the guy who robbed him and trying to convince him that he shouldn't be mad at your friend for robbing him?



			
				uncia2000 said:
			
		

> Pico's comments (above) are fundamentally correct, though, IMHO. And we do still have security flaws and vulnerabilities.



It's cool you guys are accepting responsibility for the site's shortcomings. That alone is an improvement from the time when Arc was actually involved here. But please, don't think that means you should be absolving someone of guilt for taking advantage of those shortcomings.


----------



## nrr (Jun 10, 2006)

uncia2000 said:
			
		

> The two outages last night were 1 hour 45 minutes followed by 45 minutes.
> Both of these would have been rather longer (and the second not properly ID'd in as timely a manner) *were it not for nrr*, but under the circumstances I think those have to be accepted for what they were.


Emphasis mine.  You better believe it.

I've been doing this stuff professionally since before I even graduated high school.  I'd think that's enough merit.


----------



## Wolfblade (Jun 10, 2006)

nrr said:
			
		

> I've been doing this stuff professionally since before I even graduated high school.  I'd think that's enough merit.



Just in case nobody's said it enough, your brand of _actual_ help is surely greatly appreciated.

Thanks ^_^


----------



## Swampwulf (Jun 10, 2006)

*sends nrr much luff*


----------



## Emerson (Jun 12, 2006)

*RE:   This is bloody rediculous*



			
				nrr said:
			
		

> uncia2000 said:
> 
> 
> 
> ...



NO. You must have been doing it since you were in the womb, and possibly before that too.


----------



## mericus (Jun 12, 2006)

Hello i usually just put up artworks, i really did not realize you had forums, since games does not bring anything up.
 I have been reading thie last thread, "This is bloddy ridiculous". I see that you had or are having an ongoing problem with one of you're memebers who is feeling justified in being an ass. My own experience with kinds of people led to me simply going over to they're house and trashing their place too after they broke into my house and stole most of my record collection. Tehy're explaination as to why they did that was that it was somehow my fault that they could not use my Dad's office bathroom one day while they were walking by. (My father owned a real estate office that had a house built onto the side, well a couple rooms and a bathroom and kitchen). This guy decided that i should pay for his inconvience. My responce i suppose was less than savory and all it did was to get my car destroyed too, He'd put sugar in the gas tank.
 NOw even though i did not know it was him, since there was absoulutely no one else that would have a reason to do that, i figured out it was his doing, so i went to his house waiting in the bushes for him to get home then hit him in the face with a four by four and beat the livin' shit out him, i really was going to cut his throat lying there, helpless and all but decided i might get caught and i'd have his murder on my conscious, so i just left. I called an abulance for him anonomously and i never heard from him again since he moved away.
 Lokking back i may have not been thinking right being so violent, but i felt justified for doing that even though it was really a low thing to do, But at least i did not do what another friend of mine did to an autoshop that ripped him off for about two grand on his 'vette repair. He used ivory soap flakes desil fuel and gasoline with a quick timer of a cigarette in a book of matches. everything was done with gloves on and plastic jugs were used, untracable, the entire shop burned to the ground in a five alarm fire. I also burned down the rest of the strip mall five other businesses. So with my action of revenge was probably not the best thing to do at the time i did not go to extremes and include innocents. (i used to be a tad violent in my youth). But for this guy to have caused problems on this my favorite site, and cause it to go down for any length of time boils my blood. MYself i would like to know where he lives and face him down with an explanation as to who i am and why i'm going to kick the living dogshit out of him for fucking over someone else i am cool with. This kind of thing sort of ticks me off. usually dickheads like this get the message and stop ever acting like dickheads again, especially if like in kidergarten cop with Arnold Schwartzennegger, "How would you like it if somebody big kicked you ass every day!?" to a guy that was beating up his own child in one scene. I had to appluade that. Arnold is cooler than i am, i did just threaten to get even i did get even. Now-a-days i just draw stuff instead of vent my frustrations, especally if i am between hootage or my woman pisses me off, i instead of getting violent draw something. However if this arcturus guy comes here and somehow shuts down this site simply because he can i offer myself to go and right this wrong, he'll never see it comming, how could he even know me i've never met him. I'll just do the Arnold thing and pick him up off the floor and remind him there are really bad news people that really don't like their shit getting messed with, even if they are only a member.
 Thanks for listening i'll go back and be quiet again, and i don't mean to scare or shock you if i have. But i do know how to END problems, so that they think better of any acts of revenge. And i really don't like mean people. Thankyou for being here, Mericus Htwtchka.


----------



## nullenigma (Jun 12, 2006)

mericus said:
			
		

> Hello i usually just put up artworks, i really did not realize you had forums, since games does not bring anything up.
> I have been reading thie last thread, "This is bloddy ridiculous". I see that you had or are having an ongoing problem with one of you're memebers who is feeling justified in being an ass. My own experience with kinds of people led to me simply going over to they're house and trashing their place too after they broke into my house and stole most of my record collection. Tehy're explaination as to why they did that was that it was somehow my fault that they could not use my Dad's office bathroom one day while they were walking by. (My father owned a real estate office that had a house built onto the side, well a couple rooms and a bathroom and kitchen). This guy decided that i should pay for his inconvience. My responce i suppose was less than savory and all it did was to get my car destroyed too, He'd put sugar in the gas tank.
> NOw even though i did not know it was him, since there was absoulutely no one else that would have a reason to do that, i figured out it was his doing, so i went to his house waiting in the bushes for him to get home then hit him in the face with a four by four and beat the livin' shit out him, i really was going to cut his throat lying there, helpless and all but decided i might get caught and i'd have his murder on my conscious, so i just left. I called an abulance for him anonomously and i never heard from him again since he moved away.
> Lokking back i may have not been thinking right being so violent, but i felt justified for doing that even though it was really a low thing to do, But at least i did not do what another friend of mine did to an autoshop that ripped him off for about two grand on his 'vette repair. He used ivory soap flakes desil fuel and gasoline with a quick timer of a cigarette in a book of matches. everything was done with gloves on and plastic jugs were used, untracable, the entire shop burned to the ground in a five alarm fire. I also burned down the rest of the strip mall five other businesses. So with my action of revenge was probably not the best thing to do at the time i did not go to extremes and include innocents. (i used to be a tad violent in my youth). But for this guy to have caused problems on this my favorite site, and cause it to go down for any length of time boils my blood. MYself i would like to know where he lives and face him down with an explanation as to who i am and why i'm going to kick the living dogshit out of him for fucking over someone else i am cool with. This kind of thing sort of ticks me off. usually dickheads like this get the message and stop ever acting like dickheads again, especially if like in kidergarten cop with Arnold Schwartzennegger, "How would you like it if somebody big kicked you ass every day!?" to a guy that was beating up his own child in one scene. I had to appluade that. Arnold is cooler than i am, i did just threaten to get even i did get even. Now-a-days i just draw stuff instead of vent my frustrations, especally if i am between hootage or my woman pisses me off, i instead of getting violent draw something. However if this arcturus guy comes here and somehow shuts down this site simply because he can i offer myself to go and right this wrong, he'll never see it comming, how could he even know me i've never met him. I'll just do the Arnold thing and pick him up off the floor and remind him there are really bad news people that really don't like their shit getting messed with, even if they are only a member.
> Thanks for listening i'll go back and be quiet again, and i don't mean to scare or shock you if i have. But i do know how to END problems, so that they think better of any acts of revenge. And i really don't like mean people. Thankyou for being here, Mericus Htwtchka.



Are you for real? :O


----------



## nrr (Jun 12, 2006)

mericus said:
			
		

> Hello i usually just put up artworks, i really did not realize you had forums, since games does not bring anything up.


Hi.



			
				mericus said:
			
		

> I have been reading thie last thread, "This is bloddy ridiculous". I see that you had or are having an ongoing problem with one of you're memebers who is feeling justified in being an ass. My own experience with kinds of people led to me simply going over to they're house and trashing their place too after they broke into my house and stole most of my record collection.


I'm sorry that they stole a good chunk of your record collection.  However, the issue at hand involves something on the Internet, and really, this sort of "let's go over to his house and trash shit because he came over to mine and stole shit" retribution doesn't work here.  It tends to fall under "lol internet is serious business" more than anything, and it's generally a waste of time.



			
				mericus said:
			
		

> But at least i did not do what another friend of mine did to an autoshop that ripped him off for about two grand on his 'vette repair. He used ivory soap flakes desil fuel and gasoline with a quick timer of a cigarette in a book of matches. everything was done with gloves on and plastic jugs were used, untracable, the entire shop burned to the ground in a five alarm fire.


You do realize that you are turning your friend in for a felony, right?



			
				mericus said:
			
		

> I also burned down the rest of the strip mall five other businesses.


You realize that you're admitting to a felony, right?



			
				mericus said:
			
		

> Thankyou for being here, Mericus Htwtchka.


Anytime.


----------



## Arshes Nei (Jun 12, 2006)

How did "ridiculous" finally get spelled correctly but now it is "bloddy"?


----------



## Silver R. Wolfe (Jun 12, 2006)

nrr said:
			
		

> mericus said:
> 
> 
> 
> ...



Thanks for seperating that into 'paragraphs'.  I actually took the time to read it now.


----------



## nrr (Jun 12, 2006)

Emerson said:
			
		

> NO. You must have been doing it since you were in the womb, and possibly before that too.


What makes you say that?


----------



## nrr (Jun 12, 2006)

silverwolfe said:
			
		

> Thanks for separating that into 'paragraphs'.  I actually took the time to read it now.


Heh.  That stream of consciousness crap drives me batty, and I have to have some real patience to read through it.

I'm glad at least someone appreciated the effort.


----------



## Emerson (Jun 12, 2006)

*RE:     This is bloody rediculous*



			
				nrr said:
			
		

> Emerson said:
> 
> 
> 
> ...



General obnoxiousness. :|

Also, things I learned in this thread today: Internet Business = Burn down a strip mall.


----------



## Marthaen (Jun 12, 2006)

Closing the thread as it's starting to stray from the topic and the situation has already been fixed.


----------

