geekhack hacked again!?

ripster

29 Jun 2012, 17:11

mkawa wrote:we're leaving vB behind entirely. the new platform will be the uber modern (and significantly more secure) SMF 2. it has most if not all the modern features one would want, is easy to extend, and still supports tapatalk ootb
EXCELLENT news!

Please keep the Orange/Black theme or my memes will be obsolete.
Last edited by ripster on 29 Jun 2012, 17:12, edited 1 time in total.

Input Nirvana

29 Jun 2012, 17:12

DeathAdder wrote:If the entire database was saved, does that also mean accounts with their stored PMs will be available again?

I sure hope so.
I'll be sure to find a way in the future to have ALL info copied somehow. This may become my new future opportunity!

Oh. Gotta earn money too. Problem. :)

domoaligato

29 Jun 2012, 17:14

I have removed all references to imav's real name, blogger, facebook, etc...
it is not like it was hard to find. the whois information is accurate and that is all it takes to find out.
If you ever buy a domain get a business license first and buy it under the company name.

I am glad that the site is migrating off vBulletin to a more modern and secure platform.
that is great news.

The bad news is that by the time the migration is completed, GH will have no traffic left because of all the pissed off people that were in the middle of group buys/classifieds transactions.

mkawa

29 Jun 2012, 17:16

itznfb wrote:
mkawa wrote:we're leaving vB behind entirely. the new platform will be the uber modern (and significantly more secure) SMF 2. it has most if not all the modern features one would want, is easy to extend, and still supports tapatalk ootb
That's all fine and dandy as long as mgmt realizes that this wasn't the fault of vB... it doesn't matter what software you're running if it isn't maintained and managed properly.
we were completely patched and imav is no stranger to computer security. the holes were in vB. we were close to localizing the exploit vector when they wiped everything out. it was in vB exclusively.


i will have to confirm with imav, but i believe private messages are included in the preserved db, and SMF has extensive tools for migrating data from vB 4


ps, thanks domo. however, don't be too hard on yourself. imav is well aware that this information is publicly and easily available.
Last edited by mkawa on 29 Jun 2012, 17:19, edited 1 time in total.

mintberryminuscrunch

29 Jun 2012, 17:18

ripster wrote:
mkawa wrote:we're leaving vB behind entirely. the new platform will be the uber modern (and significantly more secure) SMF 2. it has most if not all the modern features one would want, is easy to extend, and still supports tapatalk ootb
EXCELLENT news!

Please keep the Orange/Black theme or my memes will be obsolete.
Not sure why this behaviour by you is tolerated here

domoaligato

29 Jun 2012, 17:20

didja wrote:
GH1391401 wrote:sales engineer is typically not a technical role but the situation is somewhat ironic
On the contrary, sales engineers are often the best technical people a company has... that are capable of talking to people.
I've bought countless things where we wished we could keep working with the sales engineers once we purchased it but you get moved to a support team/professional services to get the install done and to get trained.

Domo, I would consider editing your post. Regardless of what you think of Geekhack and Imav, you shouldn't post people's real names or personal information even if it is publicly available elsewhere. That's bad form.
I removed his info.

mkawa

29 Jun 2012, 17:21

we know how important the forums are to everyone; group buys, personal transactions, something to shirk work with ;)

we're working overtime (literally, i hacked on this yesterday until midnight then hacked on real work until 2) to get things back up and running. it's just as big a part of our lives, and we want it back too. as for the hacking group, screw 'em. as arnold once said: "[we'll] be back"

DanGWanG

29 Jun 2012, 17:28

So what is the ETA on the revival of GH?

ripster

29 Jun 2012, 17:28

Keep up the good work.

And make sure you restore the Ripster subforum too!

Some MightyFine shit in there, including backups of ALL the wikis. Or at least mine which is 90% of the good ones.

Backing up is ALWAYS good to do Geekhack Moderators.

mkawa

29 Jun 2012, 17:30

there are a lot of moving parts, so we can't say for sure. i'll continue checking in as things progress. personally, i'd like to have something available by very early next week, but it could go either way.

webwit
Wild Duck

29 Jun 2012, 17:37

On the contrary, sales engineers are often the best technical people a company has... that are capable of talking to people.
Hahahahahaha. Nice try, mr Sales Engineer.

Soarer

29 Jun 2012, 17:40

mkawa wrote:good news! all content is safe (save the attachments we lost in the initial battlestar galactica-ish attack). the wikis are safe.
That is good news! Thanks for the hard work!

Can you say more about how/why so many attachments have gone? I noticed that one of mine from end of Feb had gone... four months is an awful lot of attachments to lose :(

mkawa

29 Jun 2012, 17:43

the first attack was an indiscriminate rm -rf in the directory the attachments sat in. unfortunately, by coincidence this also managed to get the backups, which were mounted at the time. we were caught off guard (THOSE CYLON SCUM), but once imav realized what was happening, we managed to save everything else.

and yes, we're just as broken up about losing all that data as you are. the new platform will have a significantly more robust set of backup solutions.

jdcarpe

29 Jun 2012, 17:45

Someone needs to DDoS attack the R00TW0RM site.

mkawa

29 Jun 2012, 17:48

i do not personally advocate any illegal or unethical electronic activity on internets. (but i am not the boss of you, either)

Soarer

29 Jun 2012, 17:54

Oh... crap :(

domoaligato

29 Jun 2012, 17:54

So to those that may learn something from this event. keep your backups offsite.

ripster

29 Jun 2012, 17:56

I did already. Why do you think I kept begging iMav to not permaban me for nuking Harrison?

But yeah, this Virus Infection Thing has been going on at Geekhack for YEARS.

I'm sure it'll be completely different now.

mkawa

29 Jun 2012, 18:05

yes, the new iteration will have multiple offsite backups

metafour

29 Jun 2012, 18:06

The rm -rf mention makes it sound like they had shell access whereas earlier it sounded like they just had the ability to inject arbitrary code into existing pages. In either case what was the rationale for keeping the site and the server up when it was known to be exploited? Standard operating procedure is to remove the server from the network, in this case the publicly accessible Internet, and then perform analysis. Even now the site and server are up.

boost

29 Jun 2012, 18:07

jdcarpe wrote:Someone needs to DDoS attack the R00TW0RM site.
That wouldn't be a great idea.

Glad I don't have a gh email :sad:

Soarer

29 Jun 2012, 18:08

metafour wrote:The rm -rf mention makes it sound like they had shell access whereas earlier it sounded like they just had the ability to inject arbitrary code into existing pages. In either case what was the rationale for keeping the site and the server up when it was known to be exploited? Standard operating procedure is to remove the server from the network, in this case the publicly accessible Internet, and then perform analysis. Even now the site and server are up.
True... at least there might have been the opportunity to recover deleted files if it had shut down completely.

But what's done is done :(

webwit
Wild Duck

29 Jun 2012, 18:11

They bought an expensive flash drive for full local backup, instead of setting up offsite rsync for proper, more current backups using far less resources. At deskthority we save 6 rsynced snapshots each day, snapshots of the past 7 days, snapshots for each week of the past 5 weeks, and monthly snapshots, using incremental backup, to an old pc over adsl. We have total offsite replication. If the server is nuked, almost nothing will be lost, and in fact you could reach the replication server if I told you the ip, all the content would be there. I'm not a security expert, but a web developer. But this is basic stuff. The gh admin has been proven over and over again to be incompetent when it comes to server administration. I'm sure in their member base there are a number of people who can properly maintain a server and a web asset. They should get in and set up proper backups for starters. Otherwise it's waiting for the next fuckup.
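
The snapshot schedule described in the post above (6 per day, the past 7 days, the past 5 weeks, monthly) can be written as a retention rule. This is an added example, not part of the post and not deskthority's actual setup; the bucket interpretation, the function names and the 4-hourly sample timestamps are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

def newest_per_bucket(snaps, key, limit=None):
    """Newest snapshot in each bucket, for the `limit` most recent buckets."""
    newest = {}
    for s in sorted(snaps):
        newest[key(s)] = s            # later snapshots overwrite earlier ones
    buckets = sorted(newest, reverse=True)
    if limit is not None:
        buckets = buckets[:limit]
    return {newest[b] for b in buckets}

def select_keep(snaps, recent=6, daily=7, weekly=5):
    """Assumed reading of the schedule: the 6 latest snapshots, one per day
    for 7 days, one per ISO week for 5 weeks, and one per month forever."""
    snaps = sorted(snaps)
    keep = set(snaps[-recent:])
    keep |= newest_per_bucket(snaps, lambda s: s.date(), daily)
    keep |= newest_per_bucket(snaps, lambda s: tuple(s.isocalendar())[:2], weekly)
    keep |= newest_per_bucket(snaps, lambda s: (s.year, s.month))
    return keep

def prune_plan(snaps):
    """Return (keep, delete) lists. Intended to run on the backup host rather
    than the web server, so code injected on the web server cannot prune."""
    keep = select_keep(snaps)
    return sorted(keep), sorted(set(snaps) - keep)

def sample_snapshots():
    """Constructed data: one snapshot every 4 hours, 1 Apr to 29 Jun 2012."""
    t, end, out = datetime(2012, 4, 1), datetime(2012, 6, 29, 16), []
    while t <= end:
        out.append(t)
        t += timedelta(hours=4)
    return out

if __name__ == "__main__":
    keep, delete = prune_plan(sample_snapshots())
    print(f"keep {len(keep)}, delete {len(delete)}")
    for s in keep:
        print("  keep", s.isoformat(sep=" ", timespec="minutes"))
```
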

mkawa

29 Jun 2012, 18:12

it turns out that you can do a lot if you can inject arbitrary php. i'm not going to speak for imav, but he had his reasons for keeping the site accessible. personally, i believe they were fairly sound, but hindsight is always 20/20, etc.

i'm not sure of your history webwit, but on the off chance that it is productive to defend imav from your barbs, i would say that the issue is that imav is a nice but extremely busy guy who started a fun hobbyist website that got much larger much faster than anyone could have imagined. and yes, we have assembled a team now that is happy to support him in designing that fun hobbyist website for scale this time. if the gentle reader would like to join it, please feel free to pm me your credentials.
Last edited by mkawa on 29 Jun 2012, 18:18, edited 1 time in total.

mmmty

29 Jun 2012, 18:16

Same people, different place :D

ripster

29 Jun 2012, 18:23

mkawa wrote:yes, the new iteration will have multiple offsite backups
Can you guys recover Harrison's account for me?

Please?

I still feel a tad guilty about that.

And remember to push the button this time.

So.... is the new friendly Moderator team STILL gonna permaban me?

<ah the smell of burning bridges in the morning>

mkawa

29 Jun 2012, 18:27

harrison's posts were lost for good when you maliciously deleted them, ripster.

ripster

29 Jun 2012, 18:28

mkawa wrote:harrison's posts were lost for good when you maliciously deleted them, ripster.
So I take that as a NO?

Bummer. So much for cloud computing. He was ever a kind and gentle soul. BUT we digress, the details of that are in the appropriate thread.

http://deskthority.net/off-topic-f10/ba ... son#p55393

nthn

29 Jun 2012, 19:14

Does anyone know how to get in contact with Demik from GH? I want to make sure he received the board that I sent to him.

mintberryminuscrunch

29 Jun 2012, 19:15

nthn wrote:Does anyone know how to get in contact with Demik from GH? I want to make sure he received the board that I sent to him.
send him a letter.. or an email if he paid via paypal..
