Pages:
1
..
5
6
7 |
MrHomeScientist
International Hazard
Posts: 1806
Registered: 24-10-2010
Location: Flerovium
Member Is Offline
Mood: No Mood
|
|
I got a message on YouTube from someone trying to register a new account here, but is unable to do so. He says he never received a confirmation email
after registering. His account name is Trifaziux.
I thought this might be related to the blocking of accounts from the hacking attempt, so I posted this here. Any idea what might be going on?
|
|
Zyklon-A
International Hazard
Posts: 1547
Registered: 26-11-2013
Member Is Offline
Mood: Fluorine radical
|
|
MrHomeScientist , did you read this?
Quote: Originally posted by Zyklon-A | Quote: Originally posted by Dornier 335A |
Anyway, a guy commented on one of my videos saying he wasn't able to register. Is that function blocked?
And are there still frozen members? |
No, apparently there have been problems with registering for a while.
For instance, I wanted another account, but was enable to register one for some reason.
Also, a member from another forum (that I was messaging) tried to register (I suggested him to) and he was unable as well.
I contacted Polverone, asking if we had done something wrong. He said:
Quote: |
No, he didn't do anything wrong, it's just that a lot of mail providers still block all of our outgoing mail as spam since spammers temporarily took
over our mail server last year. He will have to wait until the 24 hours are up, then tell him to register using a free account from mailinator.com and
switch his password and email address after he's able to log in for the first time. Don't worry, mailinator doesn't require registration.
|
The member did the above, and it worked, so you could tell the guy who commented on your video that. |
|
|
MrHomeScientist
International Hazard
Posts: 1806
Registered: 24-10-2010
Location: Flerovium
Member Is Offline
Mood: No Mood
|
|
I did see that but had forgotten about it, whoops. I'll pass that along.
|
|
energetic.material
Harmless
Posts: 4
Registered: 30-3-2013
Member Is Offline
Mood: No Mood
|
|
I had some trouble signing in a couple weeks ago. I emailed woolen and he reset my password. No problems since.
|
|
DrAldehyde
Hazard to Self
Posts: 82
Registered: 12-1-2014
Member Is Offline
Mood: No Mood
|
|
Brain&Force, that equation under your mood crashes my computer. I have been experimenting, with the problem. If you (B&F) have a post on the
page I'm on, it locks up my tablet with the "typesetting math 100%" box remaing in the lower left. If there are no B&F posts on the page, all is
fine. Just FYI, for the site admin, the workaround for me is simple. Carry on.
|
|
Mr_Magnesium
Hazard to Self
Posts: 60
Registered: 4-8-2013
Location: \rooted/
Member Is Offline
Mood: No Mood
|
|
It is really nice to be back!
Thank you to everyone that helped me get my account back,
|
|
forgotpassword
Harmless
Posts: 47
Registered: 12-8-2014
Member Is Offline
Mood: No Mood
|
|
I'm happy you retrieved your account and I'd like to apologise to you aswell, I posted nonsense on your account.
An update, I am still working, I don't know as much PHP as I used to and am learning up on it.
I have a lot of school work that is important, I need to get prepared as it's starting up in a week.
I'd like to take this opportunity to say that Polverone,
[Edited on 22-8-2014 by forgotpassword]
|
|
DrAldehyde
Hazard to Self
Posts: 82
Registered: 12-1-2014
Member Is Offline
Mood: No Mood
|
|
Quote: Originally posted by DrAldehyde | Brain&Force, that equation under your mood crashes my computer. I have been experimenting, with the problem. If you (B&F) have a post on the
page I'm on, it locks up my tablet with the "typesetting math 100%" box remaing in the lower left. If there are no B&F posts on the page, all is
fine. Just FYI, for the site admin, the workaround for me is simple. Carry on. |
All of my problems were solved by switching away from Chrome. Equations are displaying, no crashing, java activated, I'm good to go. I should have
figured that one out sooner.
|
|
The Volatile Chemist
International Hazard
Posts: 1981
Registered: 22-3-2014
Location: 'Stil' in the lab...
Member Is Offline
Mood: Copious
|
|
Yea, I'm not too fond of chrome. Does anyone know if this is the first time this forum has been attacked/hacked/tested in this manner?
|
|
Brain&Force
Hazard to Lanthanides
Posts: 1302
Registered: 13-11-2013
Location: UW-Madison
Member Is Offline
Mood: Incommensurately modulated
|
|
It's been hacked once before by some dude who was sockpuppeting accounts and accessing their passwords. It was a long time ago.
At the end of the day, simulating atoms doesn't beat working with the real things...
|
|
The Volatile Chemist
International Hazard
Posts: 1981
Registered: 22-3-2014
Location: 'Stil' in the lab...
Member Is Offline
Mood: Copious
|
|
But that's it? Well, that's pretty great for how long this has been here, and how much traffic it gets.
|
|
numos
Hazard to Others
Posts: 269
Registered: 22-2-2014
Location: Pasadena
Member Is Offline
Mood: No Mood
|
|
Well its nice to be back, but I do have a couple concerns I wish to share.
First, thank you everyone for so quickly finding the problem, I suppose that's the only reason I'm back here.
But while I was hacked I was unaware of it, I thought I had been banned or something of the sorts, and I also realized how difficult it is to contact
SM externally. This is just a suggestion but I think SM would benefit from a "contact us" email. maybe a messaging system similar to how some
companies get quotes? Like the registration page, give name, email, subject and leave a message.
I'm guessing this was partly realized when ZTS used the wiki as a form of contact, but I didn't find this thread until about a week ago, and for the
greater part of the month I thought I had sleepwalked and posted something about psychoactives and then was banned.
|
|
arkoma
Redneck Overlord
Posts: 1763
Registered: 3-2-2014
Location: On a Big Blue Marble hurtling through space
Member Is Offline
Mood: украї́нська
|
|
In my experience, that ain't sufficient reason tobe banned here, admonished MAYBE, banned, no.
Anyhow,how is manifest doing on the road to redemption? I've been on a (psychoactive) "vacation" LMFAO
"We believe the knowledge and cultural heritage of mankind should be accessible to all people around the world, regardless of their wealth, social
status, nationality, citizenship, etc" z-lib
|
|
packetforger
Harmless
Posts: 48
Registered: 21-2-2014
Member Is Offline
Mood: Condensing
|
|
Just a wild guess, but someone potentially exploited (maliciously) an XSS vulnerability (there are several in the boards software, like the ability to
embed <b>html</b> (I was going to use a script tag again there to illustrate the issue, but decided against it to avoid rising tensions.
See the "testing forum features" thread where I discuss that threat) to hijack sessions and suchlike.
If the administrators want, someone here could probably arrange to get the site audited sometime for flaws. I would offer, but would need to have a
long chat with work about extra-curricular activity and the legalities of all the things.
Anyway, total douchebag move on whomsoevers part that did this.
|
|
Brain&Force
Hazard to Lanthanides
Posts: 1302
Registered: 13-11-2013
Location: UW-Madison
Member Is Offline
Mood: Incommensurately modulated
|
|
Polverone noted that it was a CSRF vulnerability exploited by a hidden iframe. The kid who wrote the exploit (Manifest) is currently patching it.
At the end of the day, simulating atoms doesn't beat working with the real things...
|
|
packetforger
Harmless
Posts: 48
Registered: 21-2-2014
Member Is Offline
Mood: Condensing
|
|
Quote: Originally posted by Brain&Force | Polverone noted that it was a CSRF vulnerability exploited by a hidden iframe. The kid who wrote the exploit (Manifest) is currently patching it.
|
Dare I suggest we disable HTML posting as well as enabling the CSRF protections to prevent this kind of exploit from happening in future? The easiest
vector to get a CSRF payload into a users browser is probably to embed an invisible iFrame via a HTML posting sent via forum post or (possibly) U2U
message.
Still, at least the kid is helping to fix it. I know when I was an idiotic youngun I probably would have not been so mature as to go help fix the
problem!
|
|
lullu
Hazard to Self
Posts: 51
Registered: 2-3-2012
Member Is Offline
Mood: No Mood
|
|
I would recommend using noscript when browsing this board.
|
|
plante1999
International Hazard
Posts: 1936
Registered: 27-12-2010
Member Is Offline
Mood: Mad as a hatter
|
|
I got Hacked (again) My email adresse and birthdate have been changed, or so I think.
|
|
The Volatile Chemist
International Hazard
Posts: 1981
Registered: 22-3-2014
Location: 'Stil' in the lab...
Member Is Offline
Mood: Copious
|
|
Really? Sure about that?
|
|
plante1999
International Hazard
Posts: 1936
Registered: 27-12-2010
Member Is Offline
Mood: Mad as a hatter
|
|
Not 100%, I may have forgot to change my info back, but there was a weird email and the famous 1980 birth year.
|
|
Argentum
Harmless
Posts: 36
Registered: 18-9-2014
Location: El culo del mundo
Member Is Offline
Mood: UV light
|
|
Something strange
As I read in a polverone's post, it looks like manifest (the hacker) posted a link in a post in this forum, and that triggered something and the ones
who clicked that link were stolen
I just entered in Chemistry in General section and I saw a post with a japanese name. I opened it and I saw a text in japanese too. I translated that
text and, well, nothing about chemistry. Google translate did not really helped a lot, but it looks like a story about clocks or something like that.
And the text is full of japanese links, that's why I remembered this.
Ah, the user registered yesterday (24-09-2014) and this is his only post is this. His name is "cfgJqLpmNdc", I think it does not mean anything in any
language.
Maybe it was a strange joke...
|
|
Texium
Administrator
Posts: 4583
Registered: 11-1-2014
Location: Salt Lake City
Member Is Offline
Mood: PhD candidate!
|
|
Quote: Originally posted by Argentum | Something strange
As I read in a polverone's post, it looks like manifest (the hacker) posted a link in a post in this forum, and that triggered something and the ones
who clicked that link were stolen
I just entered in Chemistry in General section and I saw a post with a japanese name. I opened it and I saw a text in japanese too. I translated that
text and, well, nothing about chemistry. Google translate did not really helped a lot, but it looks like a story about clocks or something like that.
And the text is full of japanese links, that's why I remembered this.
Ah, the user registered yesterday (24-09-2014) and this is his only post is this. His name is "cfgJqLpmNdc", I think it does not mean anything in any
language.
Maybe it was a strange joke... | That would be a spam post. They don't appear as often as they used to before
the automatic deletion code was implemented, but they still slip through occasionally. They're basically harmless. If you see one, report it, and
don't click on their links or reply to the post.
|
|
NOV:5
Harmless
Posts: 24
Registered: 5-9-2014
Member Is Offline
Mood: Moodless
|
|
That.....was.....flicking......beautiful....
Polverone, to track a guy back to Northern Ireland and expose his entire kit, and come within a hair of getting a picture of his face.. Wow.. Very
nicely done.
Remember, Remember...
|
|
diddi
National Hazard
Posts: 723
Registered: 23-9-2014
Location: Victoria, Australia
Member Is Offline
Mood: Fluorescent
|
|
could this be part of the problem with disappearing member accounts?
is there a lockout policy if password is entered incorrectly? I haven't checked to see. the icloud hack was due to a brute force attack cos there
was no lockout policy.
[Edited on 16-10-2014 by diddi]
|
|
j_sum1
Administrator
Posts: 6325
Registered: 4-10-2014
Location: At home
Member Is Offline
Mood: Most of the ducks are in a row
|
|
Disappearing accounts like yours and mine are a separate issue. Malfunctioning script that was supposed to autodelet spam. Polverone said he fixed
the bug and apologised.
Registration issues are another. I tried to register several times over a space of a couple of months before I finally got in. Not sure what the
issue was then.
Hacking is a third issue and spam a fourth. Nothing much to add here.
|
|
Pages:
1
..
5
6
7 |