Tweet
Re: BG is infected
Or so you say.
Or so you say.
-
sigpic
"In this world, the one who has the most fun is the winner!" C.B.
Prishe's Knight 2004-Forever.
その目だれの目。
-
Re: BG is infected
Dammit Feba, I so have some sort of balls joke for your multiple uses of 'low-hanging fruit', but I had a few beers at lunch and I can't for my fucking life make a solid line for it.
This is going to bother me all fucking day now.
Fuck it.
Low-hanging fruit. Balls. Hahahahhaha it's funny b/c it's balls, get it?Callysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK
Formerly Callisto of Ramuh. | Retired 5.28.10
Callisto Broadwurst of Palamecia
Comment
-
Re: BG is infected
So it is.
If this was a matter of the records being attacked on SE's end using a zero day exploit? You'd be very much correct. In this case, though, it's the user's end, and for software that had been patched for weeks or even months. They have no expectation of security when browsing the web, it's their own fault.
______________________________
It's not even 6PM and you're drunk?Originally posted by Callisto View PostComment
-
Re: BG is infected
Of course not, I've sobered up plenty since 2. I'm just tired and ready to leave work now.Originally posted by Feba View PostCallysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK
Formerly Callisto of Ramuh. | Retired 5.28.10
Callisto Broadwurst of Palamecia
Comment
-
Re: BG is infected
I used to drink at lunch all the time. But never enough to get drunk.
Anyway, I'm kind of glad I don't play FFXI on the same machine I browse my internets on.
Comment
-
Re: BG is infected
This is why I really don't think I'll ever put my main character on my new laptop. I'm being as careful as possible updating shit and whatnot, but really fuck that, lol.Callysto of RamuhCaithsith - 75 RDM / BRD / COR / PLD / WAR / SCH / DRK
Formerly Callisto of Ramuh. | Retired 5.28.10
Callisto Broadwurst of Palamecia
Comment
-
Re: BG is infected
...I see this has derailed into primarily a flamewar over the degree of the victim's fault in the matter. If anyone has anything to add on the nature of the vulnerability and means to address it on the server side of things (client side has been discussed in other threads), I'd be interested in hearing from you in PM. I operate a website running a forum and a wiki, though I don't have ad content to contend with; maintaining site integrity is a matter I'm concerned with.Kumei, pickpocket of Midgardsormr(Bastok Rank 10)
DRK99,DNC91,THF90
Alchemy 72, Smithing 51, Goldsmithing 48, Leathercraft 23, Fishing 20
Koren, San d'Orian Adv.(Rank 10)
WHM95,BLM90,SMN85,RDM82,SCH49
Woodworking 29,Cooking 20
All celestials(Trial-Size), Fenrir, Diabolos, Alexander, Odin
Myrna, Windurstian Merchant
Clothcraft 24
Nyamohrreh, Windurstian Adv.(Rank 6)
BST90,WHM56,DNC45Comment
-
Re: BG is infected
Here's what Mhurron told me, Lunaryn:Session Start (Taskmage:Mhurron): Fri Jun 13 12:51:16 2008
[12:51] Mhurron: sup
[12:51] Taskmage: Hey
[12:51] Taskmage: Can you make any suggestions as to what we could do to make sure FFXIO doesn't become a host for that iframe?
[12:52] Mhurron: the iframe is injected into sites by a XSS exploit found via google, at least thats how its been done in the past 6 months
[12:53] Mhurron: often the first way to prevent it is to make sure that the backend software that is serving up a webboard doesn't have XSS exploits
[12:54] Mhurron: if the web server is running Apache, and you can add apache modules, there is mod_security that is also supposed to help prevent common XSS methods
[12:56] Mhurron: i don't know how invasive mod_security is though
[12:58] Mhurron: there is also a PHP security module, if I can remember the name of the thing, but it can cause problems as it is somewhat invasive and strict in what it allows
[12:58] Mhurron: both would require off line testing before it could be implimented
[13:00] Taskmage: Ok, thanks. I'll do some research and make recommendations to PiNG.
[13:00] Taskmage: I'm surprised how rampant this thing is getting. Want to make sure ..
[13:00] Mhurron: it's not that suprising
[13:00] Mhurron: the way sites are found is by combing google results
[13:01] Mhurron: there's actually very little work beyond initial setup for the attackers
[13:10] Mhurron: the PHP security extension is called suhosin Suhosin 0.9.21 - XSS Protection - PHP Security Blog
Session Close (Mhurron): Fri Jun 13 14:20:41 2008Comment
-
Re: BG is infected
Thanks. Looks from a brief examining that there's some room for argument over whether this is a vuln in PHP or in several PHP apps, but I have a good place to start now as far as addressing the matter. (And I'd lean toward faulting PHP, if only because they try to make things safe-ish elsewhere; PHP_SELF strikes me as something that really should be guaranteed safe)Kumei, pickpocket of Midgardsormr(Bastok Rank 10)
DRK99,DNC91,THF90
Alchemy 72, Smithing 51, Goldsmithing 48, Leathercraft 23, Fishing 20
Koren, San d'Orian Adv.(Rank 10)
WHM95,BLM90,SMN85,RDM82,SCH49
Woodworking 29,Cooking 20
All celestials(Trial-Size), Fenrir, Diabolos, Alexander, Odin
Myrna, Windurstian Merchant
Clothcraft 24
Nyamohrreh, Windurstian Adv.(Rank 6)
BST90,WHM56,DNC45Comment
-
Re: BG is infected
And it still isn't the user's fault if someone decides to exploit a vulnerability (patched or not) in their system, but there's no point on repeating what I've already posted. XDOriginally posted by Feba View Postsigpic
"In this world, the one who has the most fun is the winner!" C.B.
Prishe's Knight 2004-Forever.
その目だれの目。
Comment
-
Re: BG is infected
"Or not"? Perhaps. It depends on if it requires some other incredibly stupid security flaw to have worked.Originally posted by Raydeus View Post
If it is patched though? It is most certainly the user's fault.
Let's say you loan a friend your car. He leaves it parked in a shady neighborhood, unlocked, and with the keys in the ignition. Do you say "no man, it's perfectly logical to leave the car unlocked and easy to use!", or do you get pissed because he did something retarded? Likewise with a person's own property, the decision to leave it open to criminals is retarded.Comment
-
Re: BG is infected
This debate isn't really going anywhere, is it?Comment
-
Re: BG is infected
Gah, this will be my last reply on the subject, I already replied to that. Let's just agree to disagree or something politically correct like that.
It would've been stupid for someone to do that, but the decision to steal the car is all the thieves', if it's easier or not for them to do it is irrelevant for the purpose of this discussion.Originally posted by Me
Edit >
We were just killing some time on a friendly match? <_<Originally posted by Taskmage View Postsigpic
"In this world, the one who has the most fun is the winner!" C.B.
Prishe's Knight 2004-Forever.
その目だれの目。
Comment
-
Re: BG is infected
And the decision to allow it to be stolen was with the person who left their keys in the ignition.Originally posted by Raydeus View PostComment
-
Re: BG is infected
It doesn't seem to be a direct fault in PHP, as far as you usually think of a fault in a piece of software, so much as a combination of poor programming (i.e. not validating inputs) and/or the fact that PHP docs and general accepted PHP programming encourage bad practices by either glossing over security concerns or simply ignoring them by presenting very insecure programming methods as examples of the right way to do PHP.Originally posted by Lunaryn View Post
PHP is often a self taught language, and many of the PHP books are just as bad as the official PHP docs. This has lead to an army of PHP sites that are vulnerable to god knows what by the way they were written, not necessarily because extension X has a buffer overflow.
The best example of this is actually phpBB, which is the poster child for PHP apps being ripped apart because of poor programming. Unfortunately phpBB has become so popular on its own and as a basis for many other PHP based boards that even PHP programmers that do (or should) know about these issues also being bitten by these problems.Comment
Comment