Altar Forum Hacked?

[Litcube]

Anyone elese notice what's going on with the Altar forum? Every link is a putfile site, and the main branch contains the text: "LUvin you@"

[ShadoWarrior]

Yes, it's been that way for almost 4 hours. Looks like they've been hacked.

[Litcube]

By someone who loves them.

[Slaughter]

They've been using an old version of the forum software, so it was a matter of time really. Probably some durned script kiddies...

[Mikal]

Seems the new Altar lot don't think much of the forum since it still hasn't been fixed. Is anyone here in touch with them?

[Kret]

Well, considering that just fixing it will only make either the same guy or another one to come break it again. They might want to evaluate either patching up the issue before fixing the boards or completely upgrading the board engine. Without losing track of the actual work they're doing.

[ShredZ]

You can edit the address bar to view the forum threads... but posting is another matter. Just put this: forum.ufo-aftermath.com in place of the putfile addy. Hope they fix it soon~

[Slaughter]

Seems the new Altar lot don't think much of the forum since it still hasn't been fixed. Is anyone here in touch with them?

I've been talking to them. They're working on it (as it says at the front page of UFO-Aftershock.com), but I don't know when it will be up again. I hope they upgrade to the latest version of the boards immediately (fairly simple to do).

[sandstig]

According to the footer on the forums page, they're using IPB 1.3, which was the last official freeware release from Invision, if I'm not mistaken. It's possible that their version of IPB has undergone a number of mods which might make it a little more time-consuming to port it over to the 2.x versions of IPB (which they'd have to purchase a license for) or some other freeware alternative.

[Slaughter]

It would be a little work porting the skin for them, but besides that I think upgrading would be no problem. I think they'll stick with IPB, as they do own the license.

[Mikal]

I am amazed this problem has not yet been fixed. It's remarkably simple to fix and I say this because even I can do it and I'm not that much of a techy when it comes to the web.

 

It is very very poor PR for the new version of Altar. I emailed them about this on Friday morning and Altar acknowledged the problem but not what was being done to fix it.

[Snotface]

Hi,

the problem has been sorted out for now. Site is back up.

[Mikal]

Hi,

the problem has been sorted out for now. Site is back up.

 

Yes and look how long it took. If it took the new Altar organisation so long to fix something this simple I do have to wonder just how bugged the new Afterlight will be. This problem should have been rectified far more quickly than it was. The forum is part of the customer relations piece of the company so I consider the tardy delay a bit of a prat fall. I'd be very interested to know why it took them so long to put right.

[Kret]

Ugh. Could it be that they have more urgent matters to attend to? Or that the real solution is actually not as simple as you put it up to be? Breaking things is a lot easier than fixing them. If you don't believe me then just smash your face against a brickwall and then see how long it takes to heal. I'm getting quite tired of people that have nothing but UNcontructive criticism.

[Accounting Troll]

I'm inclined to give Altar the benefit of the doubt on this one. Finding the security flaws that let the hackers in and fixing them must be rather fiddly when you are trying not to lose any forum posts. They may well have had to bring in outside consultants to help ensure the site is now more secure.

[Mikal]

Ugh. Could it be that they have more urgent matters to attend to? Or that the real solution is actually not as simple as you put it up to be? Breaking things is a lot easier than fixing them. If you don't believe me then just smash your face against a brickwall and then see how long it takes to heal. I'm getting quite tired of people that have nothing but UNcontructive criticism.

 

First off you miss the point, it is bad PR to leave something like this unfixed for as long as it was.

 

I only do 2nd/3rd support for my job but I do little web stuff. However I have a friend who runs websites using the same type of board and I've done updates for him. It's a doddle.

 

The criticism is not mean to be viewed as unconstructive but to highlight a possible concern over their ability to fix things in general in a timely manner. If I'd been a potential investor viewing their response they would have lost the finance.

[Kret]

Updating and fixing are two different concepts. Even if the updating goes wrong, you're usually smart enough to have a backup to restore the original state of something. Fixing something that has been hacked is more complex, since the hacker won't be kind enough to intentionally leave a list of actions performed in a little file for someone to undo.

 

Bad PR, yes. But if they couldn't fix it sooner then it's something they have to deal with.

 

Personally, the time they've taken to fix it is pretty much decent. Unlikely top of the marks, but I've seen plenty which took longer. Additionally, I would rather stay away from investors that judge "my work" from how well I quickly respond to a forum hack.

[Azrael Strife]

First off you miss the point, it is bad PR to leave something like this unfixed for as long as it was.

 

I only do 2nd/3rd support for my job but I do little web stuff. However I have a friend who runs websites using the same type of board and I've done updates for him. It's a doddle.

 

The criticism is not mean to be viewed as unconstructive but to highlight a possible concern over their ability to fix things in general in a timely manner. If I'd been a potential investor viewing their response they would have lost the finance.

Plus, it's extremely easy to put up a simple page "we are having technical difficulties, the forum will be back online as soon as possible", I cannot think of any matters so urgent that they couldn't take 10 minutes to do so.

Not that I care, anyway, ALTAR is not on my favourite companies section

[Zombie]

As many of you probably know, the official Altar forums are up. When I checked the site this morning I was surprised to see they upgraded the forum software to IPB 2.1.5. Sweet!

 

- Zombie