Community security breach

Discussion in 'SMF Discussions' started by lordi, Jul 23, 2013.

  1. lordi

    lordi Regular Member

    Joined:
    Jul 17, 2013
    Messages:
    20
    Likes Received:
    6
    Location:
    INDONESIA
    just posted in their official sites :

    source : http://www.simplemachines.org/community/index.php?topic=508232.new#new

    :(
     
    cpvr, zappaDPJ and Brandon like this.
  2. Brandon

    Brandon Regular Member

    Joined:
    Jun 1, 2009
    Messages:
    6,602
    Likes Received:
    1,706
    Location:
    Topeka, Kansas
    First Name:
    Brandon
    thanks for the info @lordi
     
    lordi likes this.
  3. zappaDPJ

    zappaDPJ Regular Member

    Joined:
    May 27, 2013
    Messages:
    250
    Likes Received:
    165
    Location:
    London, England
  4. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    Security breaches are not uncommon with SMF and it is generally frowned upon to report them. Most people will avoid reporting this problem because they are met with denial IE there are no security issues.

    There is supposed to be a new version 2.1 that is said to fix many of the issues ignored in 2.0.4 and previous versions but one just has to look at the reluctance to fix current bugs and security issues to see this 2.1 update will in all likely hood be a new version of previous screw ups.
     
    Last edited: Jul 27, 2013
  5. lordi

    lordi Regular Member

    Joined:
    Jul 17, 2013
    Messages:
    20
    Likes Received:
    6
    Location:
    INDONESIA
    based on their announcement , this breach is not because of flaw in SMF script, but because weak password used by one of their admin. like ubuntu case and other recent breach
     
  6. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    LOL the flaws are never in SMF according to their support people. It's either the user, or more often they say it is the host.
     
  7. cpvr

    cpvr Regular Member

    Joined:
    Aug 14, 2009
    Messages:
    3,219
    Likes Received:
    823
    Sucks that this happened. Just saw this email as well. I used SMF prior to moving to vBulletin 4.
     
  8. Autopilot

    Autopilot Regular Member

    Joined:
    Jul 27, 2013
    Messages:
    514
    Likes Received:
    334
    I've just read through many of the posts about this security issue on their forum and others and it would seem that person is being thrown under the bus.
     
    Last edited: Aug 3, 2013
  9. thebrad

    thebrad Regular Member

    Joined:
    Jun 29, 2013
    Messages:
    172
    Likes Received:
    18
    Location:
    Liverpool
    I seen this on Simplemachines it self its pretty bad i always trusted SMF in like covering my details but seems not, MyBB is better nevertheless.
     
    Autopilot likes this.

Share This Page