# Erm, wtf?



## Shakeidas (Aug 12, 2005)

Okay, so I haven't been keeping up with everything on the admins' livejournals, so maybe this has already been explained.  You see, I happened across this little gem in wikipedia's page on FurAffinity:

Despite the damage done, the hacker was never banned or punished, and was later consulted to help find exploits and give advice on security issues.

So, yeah.  WTF.


----------



## ryokukitsune (Aug 13, 2005)

well in an industiral setting its not to uncommon for hackers to be consulted for Ecomers matters. thought they may be consulted i dont think that they are entierly trusted.

I'm sure that the hacker is (or was while the server was running) under some  form of observation. if he's hiered in some professional (payed) compasity then you should be worried.

point being, who better to know how to fix your site than the person who hacked it. if you piss them off they probibly will do it again and you wouldnt have any information on how to stop it unless you dropped about $1100 for a professsional developer to fix your loop holes...

dont sweat it man, i'm not going to get worked up about it unless my password gets nabbed...


----------



## Shakeidas (Aug 13, 2005)

Yeah, the article was a little vague on that part, hence my worrying.  (Especially since I've been hearing *rumors* of Arc hiring the hacker as an admin for ArtFu.)  Just wanted to hear some actual, you know, DETAILS of what was going on here.


----------



## starlite528 (Aug 13, 2005)

ryokukitsune said:
			
		

> well in an industiral setting its not to uncommon for hackers to be consulted for Ecomers matters. thought they may be consulted i dont think that they are entierly trusted.
> 
> I'm sure that the hacker is (or was while the server was running) under some  form of observation. if he's hiered in some professional (payed) compasity then you should be worried.
> 
> ...



Your password has probably already been nabbed.  Haven't you seen the list?


----------



## Keffria (Aug 13, 2005)

It's the reason we all were told to change our passwords... which I'll proptly do again once FA is back up... I don't trust "backup" copies of my identity weather or not they say they aren't going to be used.


----------



## Suule (Aug 13, 2005)

> Yeah, the article was a little vague on that part, hence my worrying. (Especially since I've been hearing *rumors* of Arc hiring the hacker as an admin for ArtFu.) Just wanted to hear some actual, you know, DETAILS of what was going on here.



I've been told that it's stated right in the ArtFu forum weasel will be responisble for porting the old FA database to AF. Either way - change the password. Some of the data in the FA database can be used against people.


----------



## TehSean (Aug 13, 2005)

Weasel was also Jheryn's advisor.  It's my understanding that Weasel basically proofread Jheryn's code before it was implemented.


----------



## Alkora (Aug 13, 2005)

TehSean said:
			
		

> Weasel was also Jheryn's advisor.  It's my understanding that Weasel basically proofread Jheryn's code before it was implemented.



no, he did not see my code before it was implemented...the first time he saw it was when he broke in and took all the files...


----------



## nobuyuki (Aug 13, 2005)

Let's not also forget you also voluntarily gave away your hashing routines to him afterwards to show how the new version was 'unbreakable' or something. (I'm referring to the time where you compounded md5 and sha1)


----------



## Stallion (Aug 13, 2005)

Can we please continue to move forward and stop rehashing all the past shit??


----------



## Suule (Aug 13, 2005)

Some people like digging up old shit it seems.


----------



## Kuma-Kun (Aug 13, 2005)

I find it odd that anything negative aginst Arcturus and positive for Jheryn can be said without reprimand even when the most basic knowledge of the situation proves it wrong, but whenever anyone brings up any mistake on Jheryn's part, it quickly gets a variation of the "let's not dwell on the past!" response. 

How about, rather than insisting on ignoring the mistakes that were made when the mistake is credited to one side of the issue, people instead take responsibility and admit to the bad judgment calls they've made? This will  let everyone be comforted in knowing that the same mistakes won't be repeated when FA comes back up. From reading the opinions of the people in both forums, it really seems the main reason people have for choosing ArtPlz over FA is Jheryn's apparent refusal to admit to any of his mistakes at all. He'll respond quickly enough to correct wrong information that would make him look bad, but when someone brings up a valid point against him, he's nowhere to be found. Ignoring past issues is a pretty clear sign that they're going to remain present and future issues, and that drives away users.


----------



## C?lian (Aug 14, 2005)

Anyway Jheryn, maybe we could have an explanation on Weasel's involvement with FA, to cut on possible rumors and to clarify a bit. I find it very unsatisfying not knowing precisely what happened.

~~~~~~

Suule sed : "Some people like digging up old shit it seems."

Stop trolling the topic please.
If you don't like it, it's not /that/ hard not to post snide remarks.
Any "Well they do it too " will be dealt with a nunchalant "Well ur no bettar >=E".


----------



## Alkora (Aug 14, 2005)

All he told me was how he broke in and read the files...
use blowfish to encrypt passwords...
And really some other security issues with the server itself...


----------



## ryokukitsune (Aug 14, 2005)

starlite528 said:
			
		

> Your password has probably already been nabbed.  Haven't you seen the list?



honestly i'm not to worried about it I've practiced internet safety and change my password about twice a month. I use a password thats more than 13 characters long if the services i use support them

the last time my hotmaill account got hacked i made it as hard as possible for people to keep my password for verry long by the slim chance they actualy get it...

I'de like to see the list though i didnt know they made a list of the people who where hacked


----------

