# Site Outage: Feb 25, 2009



## Dragoneer (Feb 26, 2009)

Hey, kids! My name's Dragoneer, and I have to be the unfortunate person who gets to relay what really happened. Tincrash's account was legitimately compromised by this user, but what happened after that point was our fault. Only three users were affected (Tincrash included), but that's three more than I find acceptable. Due to an unfortunate accident on our part, rather than being banned, the compromised account was mistakenly set to "admin" for roughly two minutes time. It was rectified fixed ASAP, however, during that time, some damage was done (see thread).

_This was a complete mistake on our part._ I'd rather be open and tell you up front that we fucked up rather than this asshole gentlemen goad and get credit for what was ultimately our flub. Again, it was a human error on our part, and we're ensuring that it does not happen again. Don't give  this "hacker" idiot credit. Blame me. I won't tell you which admin made the mistake, because I'm not going to point fingers. I'd rather the entire community hate me than hate a dude who made an honest mistake trying to do what was right for the community. 

If you want somebody to blame for this blame me.

I can't apologize enough for this inconvenience. I really can't. However, I'm not going to hide that we made a mistake. Rather, FA will remain offline until we can ensure that mistake is corrected and is preventable from happening again. I do not know the ETA at this time, but keep in mind it is of the highest priorities. We are also taking the opportunity to ensure that compromised accounts can be easily reverted. 

I dislike outages as much as anybody else, because whenever FA goes down me and a bottle of Advil becomes closer lovers than I'd like to admit. 

- Dragoneer

*P.S.* In before "Epic fail".

*P.P.S. *I believe I have determined how tincrash's account got compromised. Attempting to find more information on it.


----------



## shebawolf145 (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

To error is human.


----------



## Ainoko (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

*be vewy, vewy, qwiiet....

We is hunting bad Dragoneers*


We won't be too upset as long as this was an honest mistake and won't happen again.


----------



## TwilightV (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

Man, Neer... :'(

EDIT: I'm not crying you bastards!


----------



## x3dreturns (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

Shee-it happens. At least it was only two minutes. Imagine if you'd set him to admin and gone to bed or something...


----------



## shebawolf145 (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



x3dreturns said:


> Shee-it happens. At least it was only two minutes. Imagine if you'd set him to admin and gone to bed or something...



True. Very true.


----------



## Dragoneer (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Ainoko said:


> We won't be too upset as long as this was an honest mistake and won't happen again.


It was a completely honest mistake by an admin trying to rush to save somebody's account before it was too late. Unfortunately, things did not go as planned.

The admin won't be named. Ever. I'll gladly take what happened to the grave, because what he did was in the best interest of the site. Because I know that despite this one mistake, there's been dozens of other accounts that have been saved by quick thinking admins.


----------



## Ainoko (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Dragoneer said:


> It was a completely honest mistake by an admin trying to rush to save somebody's account before it was too late. Unfortunately, things did not go as planned.
> 
> The admin won't be named. Ever. I'll gladly take what happened to the grave, because what he did was in the best interest of the site. Because I know that despite this one mistake, there's been dozens of other accounts that have been saved by quick thinking admins.



It is none of our business what admin made the honest mistake, we are just glad that you were able to fix and correct the issue as quickly as you did.

*gives the admins hugs*


----------



## Aquin (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

I don't hate you 'neer, people make mistakes, shit happens. What matters is that you learn from said mistake. 

Sometimes mistakes are made simply because one is stressed, with all the work that you guys do, im sure nothing is always perfect. 

So one little mistake was made, why should we be mad? You guys got to it quick, and you also came out and admitted said mistake. 

People gotta move on. Life isn't perfect ya know? Don't beat yourselves up over it.


----------



## SDWolf (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

Kudos for owning up to it, Dragoneer.  Not many admins have the balls to admit a mistake like that was made; they'd rather let the "hacker" brag then let themselves look bad.  You rock.

And we don't need to know who actually made the mistake.  I'm sure he/she is already kicking him/herself far more than the lot of us ever could.


Fix:   "You're about to make [username] an Admin.  Are you really sure you want to do this?  [y/N]"


----------



## shebawolf145 (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Dragoneer said:


> It was a completely honest mistake by an admin trying to rush to save somebody's account before it was too late. Unfortunately, things did not go as planned.
> 
> The admin won't be named. Ever. I'll gladly take what happened to the grave, because what he did was in the best interest of the site. Because I know that despite this one mistake, there's been dozens of other accounts that have been saved by quick thinking admins.



I'm proud of you guys. Being an admin must be hard. Keep up the great work but move the admin button away from the ban button *smiles*

And tell that admin who did it not to beat himself up over it or anything.


----------



## Nightingalle (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

At least it was for only 2 minutes, that's a silver lining on this raincloud.

And to whomever did this by accident, it's okay man. It's okay.


----------



## Blick Fen (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

Props for quick response time, mistake or no.  You guys rock my nonexistent socks.

Or, well.

My sandals!  They are rock'd.

<3


----------



## PriestRevan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



> I can't apologize enough for this inconvenience. I really can't.


 
Oh you.


----------



## Draconas (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

mistakes happen neer, if it was done by accident then why beat yourself up over it?


----------



## Dragoneer (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



SDWolf said:


> Kudos for owning up to it, Dragoneer.  Not many admins have the balls to admit to a mistake like that.  You rock.


I believe in being honest about FA and the community. If we fuck up I'd rather be honest and open about it. Hiding shit accomplishes nothing.



SDWolf said:


> Fix:   "You're about to make [username] an Admin.  Are you really sure you want to do this?  [y/N]"


Fix: Nobody can set admin except me and coders. The admin system as it stands could be a lot better, and much of it has been due for an overhaul. This is part of the fix.


----------



## Shade Rose (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

hmmm, sounds like the plot to legend of zelda if you look at it.
 a powerfull figure made a mistake while processing a crimnal. resulting in said crimnal gaining powers. that threated all the land and 3 accounts were comprmised  . TriForce much?
then again i see video games in everything


----------



## Nanakisan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

We forgive you Neer. now how about sharing that IP of the guy claiming to be the cracker. i wanna have fun.


----------



## Danirupuru (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Shade Rose said:


> hmmm, sounds like the plot to legend of zelda if you look at it.
> a powerfull figure made a mistake while processing a crimnal. resulting in said crimnal gaining powers. that threated all the land and 3 accounts were comprmised  . TriForce much?
> then again i see video games in everything




You successfully made me Lol and I see videogames in everything too so I understand what you mean 


but yeah Thank god are admins are quick to react though the fact that the guy actually posted a screenshot of what he could do proves that he wasnt too bright 

Thank you dragoneer for always staying on top of things ,you indeed are the Emperor of all furries ^_^


----------



## Shade Rose (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Danirupuru said:


> You successfully made me Lol and I see videogames in everything too so I understand what you mean.



--
really cool, i thought i was the only one.


----------



## DigitalMan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*

Dude, don't worry about it  A much bigger mistake... is the date in the topic title. 

I have to wonder, is this perhaps due to the DA issues that were apparently grabbing people's passwords, and then the password being the same here? I would find that amusing. I don't know why.


----------



## PriestRevan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Danirupuru said:


> You successfully made me Lol and I see videogames in everything too so I understand what you mean
> 
> 
> but yeah Thank god are admins are quick to react though the fact that the guy actually posted a screenshot of what he could do proves that he wasnt too bright
> ...


 
That's up for debate.


----------



## Nanakisan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



PriestRevan said:


> That's up for debate.



I correct that King of all Furries. I declare it to be Blotch. he is #1 on that FA rating site afterall


----------



## Carenath (Feb 26, 2009)

Neer, nobody here hates you, this was just an unfortunate clusterfuck. Quick thinking saved the day, regardless.


----------



## C_R_Ingtail (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Nanakisan said:


> I correct that King of all Furries. I declare it to be Blotch. he is #1 on that FA rating site afterall



True fact: Blotch is a par of ladies. Nice ones at that.


----------



## Dragoneer (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



DigitalMan said:


> Dude, don't worry about it  A much bigger mistake... is the date in the topic title.


In the past two days I've gotten about six hours of sleep. The only thing keeping me awake right now is two cans of Cherry Bawls. And I have to be up and ready for work in about three hours.


----------



## verix (Feb 26, 2009)

dude what

seriously

are the "ban" and "make admin" buttons like right next to each other

can you like, move them so it doesn't happen again

preferably add a confirmation process


----------



## ArielMT (Feb 26, 2009)

It still would be nice if we could pay Captain Toolbar^H^H^H a visit all nice and friendly like...

Edit: I wager it's a "member status" or "member type" drop-down list.  Quick, simple, and in general effective form coding.


----------



## Nanakisan (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Dragoneer said:


> In the past two days I've gotten about six hours of sleep. The only thing keeping me awake right now is two cans of Cherry Bawls. And I have to be up and ready for work in about three hours.



Mah Boi 5hr energy is what all true admins strive for.
Yes i can see where you need a break Neer and you seriously need a vacation. get your bum to japan or heck go to paris. break free.


----------



## Pi (Feb 26, 2009)

I'm going to be trying to get banned a lot harder in hopes that you accidentally give me admin privileges. Seriously.


----------



## Basque (Feb 26, 2009)

Dragoneer, I apologize for even bringing this up because I read your comment about revamping the admin system  and I'm sure there's nothing I can contribute that you guys won't already have under control.

However, it is rather irritating to see people make idiots of themselves repeatedly with no recourse taken against it. That's a different matter better discussed at a different time, or so I think, but right now I think this particular instance could be stopped by moving forward and therefore away from this as soon as possible.

I honestly have no idea how the administrative programming works at FA, but it is surprising to hear that it's apparently that easy to be set as an administrator. I understand that you're revamping  the system, but during the course of that may I suggest restricting that function to only circumstances in which an administrator would be appointed? For example, if a new admin has to be approved by more than one person among the current staff would it be possible to make changing an account to an admin account something requiring input from at least 2 current admins, so no single person could accidentally make someone an admin again?

I basically have no programming experience so I apologize for this almost certainly being entirely unhelpful.

However, I do want to echo the sentiments about applauding honesty, there are others in a similar position to yours who just lie through their teeth when this kind of thing happens.


----------



## Lt_Havoc (Feb 26, 2009)

Well, I accept your apology, but I have to say that said admin that screwed up should at least get a time off his post for like 2 weeks or so, so he can think about the mistake he made. Yes, I talk about suspension here. That "little" mistake could have had severe consequences if you guys dint had noticed it that fast. 

So yeah, mistakes happen, but you guys to have to ensure that it wont happen again.


----------



## Shade Rose (Feb 26, 2009)

i prefer to be zen, and feel my anger and acnologe it. i do not need to express it..but mearly  release it and know that is only one of manny Budahs.


----------



## Wula_lion (Feb 26, 2009)

Does this mean there will be no link of the day today?


----------



## vappykid5 (Feb 26, 2009)

Carenath said:


> Neer, nobody here hates you, this was just an unfortunate clusterfuck. Quick thinking saved the day, regardless.



*snort* ...clusterfuck. But really I'm glad to see you admit to a mistake like that, stuff happens you know. More glad to see that this whole staff is done a great job fixing this immediately like this. Kudos to ya'll ^^


----------



## Tachyon (Feb 26, 2009)

I wish politicians were even an eighth as forthright when they fucked up. Thank you for your continued maturity, Dragoneer. Hopefully something can be learned from this mistake.


----------



## Xadera (Feb 26, 2009)

The 'solution' here is simple. Put "Throw Party" in between the "Ban" and "Make Admin" buttons. That way, if this happens again, there will be cake =3


----------



## Nanakisan (Feb 26, 2009)

Xadera said:


> The 'solution' here is simple. Put "Throw Party" in between the "Ban" and "Make Admin" buttons. That way, if this happens again, there will be cake =3



the cake is a lie. but that would be quite funny. click the button and all of the user pages have a party layout.


----------



## Mystech (Feb 26, 2009)

Dragoneer said:


> . . .rather than being banned, the compromised account was mistakenly set to "admin" . . .



Hahahaha that's a good one, but you fired it off too early, April is still a ways off.

Oh no wait, that's just the facts and the joke here is you.


----------



## Tachyon (Feb 26, 2009)

Lt_Havoc said:


> Well, I accept your apology, but I have to say that said admin that screwed up should at least get a time off his post for like 2 weeks or so, so he can think about the mistake he made. Yes, I talk about suspension here.



What would they think about? "Shit, I should be more careful with that button. That was a pretty bad mistake." Does it take two weeks to think that?

I posit that they should be immediately reinstated, because (assuming they've realised they've made the mistake) they're considerably _less_ likely to make the same mistake (and probably less likely to make other mistakes, as they're now on their guard) in the future while this event is still fresh in their minds.

Two week suspension would be simply punishment, and not helpful to the running of the site.


----------



## Xadera (Feb 26, 2009)

Nanakisan said:


> the cake is a lie. but that would be quite funny. click the button and all of the user pages have a party layout.


 
No cake? But this is for science =(


----------



## C_R_Ingtail (Feb 26, 2009)

Pobody's Nerfect.


----------



## Aquin (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Nanakisan said:


> I correct that King of all Furries. I declare it to be Blotch. he is #1 on that FA rating site afterall



Kaa is the king of scalies :3. I also actually like Wookiee's stuff better then Blotch, but i guess that's cause I've known him longer.


----------



## Werewolfhero (Feb 26, 2009)

Mistakes like this happen. Accidently added rather than deleted a few spambots on a forum i help run once selecting the wrong option. Luckily i already had the emails handy to track each down and remove them. Atleast you guys were able to stop the guy before he did extensive damage, or figured out how to give admin powers to any secondary account he might've possessed.


----------



## oniontrain (Feb 26, 2009)

If Dragoneer is the Emprah can we hook him up to a cybernetic chair and wire him into the site already?


----------



## DoctorSykes (Feb 26, 2009)

I'm surprised there hasn't been a Raptor Jesus reference, yet.
Disappointing.


----------



## lone_husky (Feb 26, 2009)

Wula_lion said:


> Does this mean there will be no link of the day today?



There may be one...>.>*


----------



## Doggieo (Feb 26, 2009)

The joke for the next month will be "BAN EM INTO AN ADMIN!" or some variation of it 

no ill will here  Just glad things will be fine. makes me wanna change my password though lol


----------



## sharpfang (Feb 26, 2009)

A massive amount of passwords (almost 5000!) has leaked and are available in the wild.
If you use the same password as on FA anywhere else, change it ASAP!


----------



## Toaster (Feb 26, 2009)

Na, even if its one of the administers fault,your fault, whatever, you repay us by giving us a good free site to use for shity furry pictures/music/writing. I can't hate a dude who douse that for people he don't even know, in fact it sort of commands respect.


----------



## Renard_v (Feb 26, 2009)

Sharpfang, unless you're going to back that up, I don't think anybody's going to believe you.

Tincrash's password ONLY was compromised elsewhere, and it was a direct attack on them originally.


----------



## NN9 (Feb 26, 2009)

Well good to hear every thing going to be sorted out but hey isn't the oder o the month's January Febuary? if so isnt Feb 24 or 25 gone already? because exact time on my clock 13:41 on Feb 26.2009 = 26.02.2009


----------



## Bobskunk (Feb 26, 2009)

*dohoho*

In during "epic fail."


----------



## sharpfang (Feb 26, 2009)

Renard_v said:


> Sharpfang, unless you're going to back that up, I don't think anybody's going to believe you.
> 
> Tincrash's password ONLY was compromised elsewhere, and it was a direct attack on them originally.



Check the PM.


----------



## NN9 (Feb 26, 2009)

Well going offline Bey Guys and Girls   Girls;9


----------



## seadog-driftwood (Feb 26, 2009)

*Re: Site Outage: Feb 24, 2009*



Nanakisan said:


> Mah Boi 5hr energy is what all true admins strive for.
> Yes i can see where you need a break Neer and you seriously need a vacation. get your bum to japan or heck go to paris. break free.



Just change it to 4 hour energy, and I'm sure that line can be pieced together:
Mah boi,
(warriors strive) for
(h)ow- (can we help)
(is und)er- (attack by the evil forc)es (of Ganon)
(s)en-(d) Link)
(wond)er- (what's for dinner)
Gee(, it sure is boring)
is what all true
(d)id(ongos)
(Ganon and his) min(ions)
(force)s (of Ganon)
strive for!

But seriously, three cheers for Dragoneer! Hip-hip hooray! Hip-hip hooray! Hip-hip MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI- MAH BOI-...


----------



## kamperkiller (Feb 26, 2009)

Renard_v said:


> Sharpfang, unless you're going to back that up, I don't think anybody's going to believe you.
> 
> Tincrash's password ONLY was compromised elsewhere, and it was a direct attack on them originally.



Kisses pal. find one you like.

we as people are basicly sheep. we listen to the same music, eat the same food, wear the same cloths, and have the same dreams.... what you are thinking of is thought by at least 50 other people around the world. now the number 1 password is still  123  and god...

oh more http://blog.taragana.com/index.php/archive/most-common-myspace-passwords-from-20-000-passwords/
http://www.threadwatch.org/node/14095
http://boingboing.net/2009/01/02/top-500-worst-passwo.html
http://blog.jimmyr.com/Most_Common_Passwords_20_2008.php

Now find a corner and shut it.


----------



## CaptainCool (Feb 26, 2009)

oh well, shit happens, nobodys perfect, to err is human (furry?^^),  and so on and so forth^^
stuff like that happens, it was was a bad mistake but no one is blaming anyone here i guess^^
just forget about it and let the /b/tards have their little "victory"


----------



## heresydarling (Feb 26, 2009)

I have admin rights on another furry-themed forum.

The "Ban" button is RIGHT NEXT to the "Send a PM" button.

OOPS


----------



## Dragoneer (Feb 26, 2009)

sharpfang said:


> A massive amount of passwords (almost 5000!) has leaked and are available in the wild. If you use the same password as on FA anywhere else, change it ASAP!


The list is an old, OLD list from when FA was originally compromised years ago. It's been floating around on the 'net for some time. 

Old news.


----------



## Dragoneer (Feb 26, 2009)

kamperkiller said:


> http://blog.taragana.com/index.php/archive/most-common-myspace-passwords-from-20-000-passwords/
> http://www.threadwatch.org/node/14095
> http://boingboing.net/2009/01/02/top-500-worst-passwo.html
> http://blog.jimmyr.com/Most_Common_Passwords_20_2008.php


MySpace and Facebook have been hacked. Every month, millions of credit card information goes missing. Shit happens on large and wide scales, from the biggest to smallest. From a security error to a user error.

It happens, and it is most unfortunate.


----------



## duo2nd (Feb 26, 2009)

CautionCat's dA account is kinda hacked.
It started to submit some strange pics recently. I maybe half asleep realizing this.

*After a few minutes*

It's official. D: She is hacked.


----------



## Dragoneer (Feb 26, 2009)

duo2nd said:


> CautionCat's dA account is kinda hacked.
> It started to submit some strange pics recently. I maybe half asleep realizing this.
> 
> *After a few minutes*
> ...


Banning their FA account just in case.

What was their DA name? I only see see cautioncat.deviantart.com, which only had 26 views.


----------



## WarMocK (Feb 26, 2009)

CaptainCool said:


> just forget about it and let the /b/tards have their little "victory"


Well, if they always attacked using the same I have my doubt they will enjoy this "victory" very much. How much do you get again for hacking computers in the US? :twisted:


----------



## duo2nd (Feb 26, 2009)

Thanks. But I maybe wrong on what I saw in her account
http://chibimidori13.deviantart.com/

The pics there should not be in dA.


----------



## CaptainCool (Feb 26, 2009)

WarMocK said:


> Well, if they always attacked using the same I have my doubt they will enjoy this "victory" very much. How much do you get again for hacking computers in the US? :twisted:



ha, yeah, right^^ that brad was just very very lucky, you cant really call it a victories, it was more like a crazy cruels accident 
tincrash dA account looks pretty bad :O


----------



## duo2nd (Feb 26, 2009)

Dragoneer said:


> Banning their FA account just in case.
> 
> What was their DA name? I only see see cautioncat.deviantart.com, which only had 26 views.



Again....
http://chibimidori13.deviantart.com/


>_> This would help.


----------



## WarMocK (Feb 26, 2009)

*sigh* I hope they catch that damn cracker and press charges so he has to get two additional lives to pay for them. >_<


----------



## duo2nd (Feb 26, 2009)

I better like him arrested.


----------



## bucket_o_chicken (Feb 26, 2009)

Dragoneer said:


> MySpace and Facebook have been hacked. Every month, millions of credit card information goes missing. Shit happens on large and wide scales, from the biggest to smallest. From a security error to a user error.
> 
> It happens, and it is most unfortunate.



But when it's user-error, that means someone should step down.  I volunteer you.


----------



## Renard_v (Feb 26, 2009)

kamperkiller said:


> Now find a corner and shut it.



cool story bro

You are aware I was referring to the likelihood of a huge password leak in this scenario, right? We had all been informed as to what happened and how, and retrieving the amount of data that Sharpfang made note of isn't going to happen in two minutes, especially considering that the admin panel isn't just going to spit out passwords without some backend work and reverse engineering (and you don't learn + reverse engineer a custom user databse in two minutes, especially if you're a retarded script kiddie).

Nice metaphorical post by the way, with the sheep and all. I bet it makes you feel really smart and all that good stuff!


----------



## XerxesQados (Feb 26, 2009)

Dragoneer said:


> If you want somebody to blame for this blame me.



Kay. You're a bitch. You're a fucking whore, and you are a disgrace to purple things everywhere. Am I doing it right?

But seriously, we're all going to be laughing at this down the line. Perhaps if this were a site like PayPal it would be a horrible thing which would be even more difficult to effectively make fun of than Hurricane Katrina. But this is FurAffinity, so epic giggles.



Danirupuru said:


> Thank you dragoneer for always staying on top of things ,you indeed are the Emperor of all furries ^_^



EXCUSE ME BUT MY NAME IS XERXES.


----------



## Minnie Shoof (Feb 26, 2009)

>_> I would like one purple dragon. Delivered to my crotch. As apology for something I didn't even know was happening. ... ... yush.


----------



## Zeikcied (Feb 26, 2009)

bucket_o_chicken said:


> But when it's user-error, that means someone should step down.  I volunteer you.


I don't get why an admin should step down when it was a user error, not an admin error.


----------

