2024-02-13 06:13:46 (edited by dash 2024-02-13 06:19:05)

Currently installed 5 official extensions. Copyright © 2003–2009 PunBB.
HM?
I checked the PunBB website and saw that the newest version is from 2012. Sitting / operating on old software like this publicly on the internet is quite insecure, also for users. There can be a lot of undocumented and unfixed security holes and exploits.

Mao!
--
TD programs website available under new address.
https://tdprograms.ovh/

2024-02-13 06:50:29 (edited by ignatriay 2024-02-13 06:52:50)

Ok, I'm honestly wondering if some of the accounts got hacked? I mean now there are 2 posts from the true swamp gamer called epic fuck head with the only word, meow. Could it be an account compromise? I mean at least in the true swamp's case and solace accounts? Either that, or the attack on the forum got a hold of logging credentials like username and passwords? It just seems odd about the true swamp gamer.

sound designer for mental vision, and Eurofly3.
take a look at
My freesound page, where I post sounds I record. ps: if you use my sounds, remember to credit me smiley

2024-02-13 08:40:33

Given that this forum doesn't have any measures to protect against breached or insecure passwords, or password requirements in general, it wouldn't surprise me at all.

"On two occasions I have been asked [by members of Parliament!]: 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out ?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."    — Charles Babbage.
My Github

2024-02-13 13:37:50

Honestly seems fairly in character to me. As for password security, they’re all hashed, and I think you’d have a job finding anyone in the blind community with the skills to brute force, or the time for that matter. Let’s not forget that we’re dealing with, at best, people who know how to use VPNs and hold down their enter keys, and who probably lucked into discovering the whole guests can create topics thing in the first place. No sense giving them too much credit.

2024-02-13 15:26:50 (edited by DevilGuardian 2024-02-13 15:30:58)

I remember posting a topic a little over a year ago regarding pressing the submit button on a post when you are writing in a topic. perhaps the same logic should be applied here as well?

DevilGuardian wrote:

I absolutely hate this message. Every single time I post something and press the submit button, I get this.  Warning, At least 10 seconds have to pass between posts. Please wait a while and try posting again.

The people who love you the most,   are the people who matter most in your life.

2024-02-13 18:10:04

@79, I think you're underestimating the kinds of passwords I'm talking about though. There are public databases, on GitHub no less, of millions of passwords that have been breached and de-hashed (or that were never hashed to begin with). It's a good thing those databases exist, of course, but you'd be surprised at just how many people use those passwords even though they shouldn't, because the average Joe Public doesn't know any better and we don't encourage strong passwords or the use of password managers. And sure, this is a part of the blind community that we're talking about, but that in no way means that people don't use dumb passwords. And maybe the passwords are hashed, maybe they aren't (I haven't looked at the Pun/PanBB source code), but if someone has used those passwords on here, it doesn't matter if they've been hashed or not.

"On two occasions I have been asked [by members of Parliament!]: 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out ?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."    — Charles Babbage.
My Github
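
The point made in the post above, that hashing in the forum database does not help a user whose password is already on a public breach list, is usually addressed at registration time. As an added example (not part of the original thread, and not PunBB code): a breached-password check over a constructed sample list, stored in the SUFFIX:COUNT range layout used by the Have I Been Pwned Pwned Passwords API as an offline stand-in; all function names and counts are hypothetical.

```python
import hashlib
from collections import defaultdict

# Constructed sample standing in for a public breach corpus; counts are made up.
# "Password1!" satisfies typical composition rules yet is still a known password.
BREACHED_SAMPLE = {"123456": 1000, "password123": 500, "Password1!": 200}


def sha1_hex(password: str) -> str:
    """Uppercase SHA-1 hex digest, used only as a lookup key, not for storage."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def build_range_index(breached: dict) -> dict:
    """Group digests by their first 5 hex chars; each entry is 'SUFFIX:COUNT'."""
    index = defaultdict(list)
    for password, count in breached.items():
        digest = sha1_hex(password)
        index[digest[:5]].append(f"{digest[5:]}:{count}")
    return dict(index)


RANGE_INDEX = build_range_index(BREACHED_SAMPLE)


def breach_count(password: str, index: dict = RANGE_INDEX) -> int:
    """Return how often the password appears in the corpus (0 if absent).

    Only the 5-character prefix selects the bucket, so a remote lookup
    service built this way would never see the full digest.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in index.get(prefix, []):
        candidate, _, count = line.partition(":")
        if candidate == suffix:
            return int(count)
    return 0


def check_registration(password: str, min_length: int = 8) -> tuple:
    """Reject known-breached passwords first, then apply a length floor."""
    seen = breach_count(password)
    if seen:
        return False, f"found in breach corpus ({seen} occurrences)"
    if len(password) < min_length:
        return False, "too short"
    return True, "ok"
```

The same check applies at password change and can be run at login to prompt affected users to pick a new password.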

2024-02-13 19:20:20

@Ethin: Not encouraging the use of strong passwords? I don't know which websites you visit, but I rarely register anywhere without seeing some form of strong password notice (unless you're solely talking about this forum, then you're right). And as much as I would love to use a password manager, initially setting those up is plain painful (I tried with KeePass, but gave up pretty quickly).

As for the duplicate topic issue, I think it's a result of another issue, which is that between pressing enter on the submit button and you leaving the topic creation screen, several seconds pass. As we can see in the new releases room right now, this has escalated to the point of people doing it on purpose (see the topics titled trash).

Greetings and happy gaming, Julian

If you say you never lie, you're a liar.
Oh, and #freeGCW

2024-02-13 20:06:39

I have never had my posts lag.  Whatever this is, it isn't everyone.

My Blog
Twitter: @ajhicks1992

2024-02-13 20:55:21

@82, Try Bitwarden. I've been using it for just over a year and it does everything I need it to.
@83, I don't either. The worst I get is the site hanging when editing a post or trying to search.
At least the search doesn't give me an error like it used to.

2024-02-13 22:03:42

I’m probably an idiot for saying this, but maybe the spam is the last straw to break the camel’s back and switch forum software. Maybe it’s a protest or act of rebellion to get things done. Playing devil’s advo. Oh wait I am the devil; of course I would advocate for myself.
@79 great way to put a target on your back. You’re basically asking to be hacked by saying something like that.
@82 it is worth it. Having to change and update all of your passwords is annoying, but after that you never need to worry about making another password again. Any time you make a new account, sign into the app or extension and generate a new password with the specified criteria.
Try giving Bitwarden a try, as 84 recommended. Also make sure to visit the web vault for additional settings that are exclusively only found for your account there.

2024-02-13 22:36:58

@85, you can’t seriously be that level of condescending to someone you don’t even know and wonder why a lot of people here don’t like you. I said, quite correctly, that PunBB / PanBB hashes passwords, and that the people doing this kind of thing here are mostly trigger happy teenagers, or possibly adults in need of some serious help, or an unholy mixture of both, not the sort of people with the intellect to carry out any attack more severe than that which we have already seen here. What’s more, even if we assume you’re right just for the sake of argument, why would someone go to all the trouble of combing through leaked password databases on GitHub just to hack one very specific user whilst the guests vulnerability was already open and very clearly being exploited for all to see? Clearly there is an obvious and simple answer to this question, which you, with your advanced knowledge of cyber security, have already done me the honour of figuring out, hence your certainty that I don’t take my own security seriously, and I gladly await your response.

2024-02-13 22:56:59

@86, I did in no way imply that you didn't take your security seriously. I explicitly said that the average layperson doesn't, and though the blind community isn't full of "average laypeople," it is full of people who it can be safely assumed are not all using password managers or strong passwords for whatever reason. I also was in no way being condescending; I was stating a fact that there are databases out there that are pretty easy to find and that contain well-known passwords like 123456, password123, and so on and so forth, and if anyone on here used such passwords, it being hashed in the database would be completely irrelevant. Yes, in this instance the guest account thingy was abused. But I was responding to the theory that posited that accounts were hacked. And if they had been, it wouldn't need someone to go digging through leaked password lists, though that is one way. Unlike you, I am not assuming that the people on this forum are technically illiterate. I am assuming the opposite. Maybe there are some on here who are less technically literate than others, but I also know that this forum has lots of teenagers on it, and I know how crafty teenagers can be and how capable they are when they want to do something, since I was one once. Get an immature teenager fixated on hacking an account, and they'll most likely find a way if the account isn't secured properly.

"On two occasions I have been asked [by members of Parliament!]: 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out ?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."    — Charles Babbage.
My Github

2024-02-13 23:09:03

@87, my post wasn’t directed at you, sorry. Your theory is a sound one, even if I personally don’t think it makes much sense in the context of what actually happened here. I was specifically responding to Zarvox, and I wouldn’t have felt the need to do it at all if he wasn’t well-known for playing the armchair psychologist and generally acting like he knows more about just about everything than he actually does. He’s not a problem in the same way that someone like jksisco is, in the sense that he does occasionally have valuable contributions to make, but more often than not, he’s either spouting meaningless word salad or else riding on the coattails of other more informed users such as yourself.

2024-02-13 23:19:06

@88, oh, my bad, it looked like you'd mistyped. My bad, apologies.

"On two occasions I have been asked [by members of Parliament!]: 'Pray, Mr. Babbage, if you put into the machine wrong figures, will the right answers come out ?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question."    — Charles Babbage.
My Github

2024-02-13 23:23:11

@82: In my experience, few registration systems on the modern internet encourage strong passwords. What most do is enforce a bunch of rules that add a little strength while making the password nearly impossible to remember (encouraging password reuse or writing the password down) and which make strong, but easy to remember, passwords unusable. Granted, it's better than just letting people use password or a single, all lowercase word from the dictionary, which most people would do if you let them, but we're still talking requirements that result in passwords that could be trivially brute forced without the log-in page limiting log-in attempts and which are more likely to lock the user out of their account because their browser profile got corrupted/erased and they couldn't remember the rules that website enforced when creating the password than they are to stop a malicious hacker who is determined... Admittedly, no clue how to actually encourage average people to use strong passwords (heck, I'm fairly tech savvy, but still lean towards passwords that are easy enough to remember so I'm not totally screwed if my Firefox profile gets corrupted and I lose my saved passwords), but I feel like most websites are actually encouraging bad behavior while instilling a false sense of security.

2024-02-14 00:14:18

That's exactly why we have password managers.
If something happens to your web browser, just get a different browser or continue using that extension with the same browser. All your passwords will still be there.
Password managers are also cross platform, and signing in is as simple as entering your vault's email and password, possibly approving your signin, and you're ready to go.

2024-02-14 04:14:40

@86 didn’t say that you are an idiot or that you don’t take security seriously. I just said that you said something dumb. I know for a fact you take it seriously and you’re not an idiot. So your assumptions are incorrect. You might not be an idiot, but you do know how to make a fool out of yourself sometimes. I said a dumb general statement, get over yourself.

2024-02-14 06:10:00

haily_merry wrote:

Honestly seems fairly in character to me. As for password security, they’re all hashed, and I think you’d have a job finding anyone in the blind community with the skills to brute force, or the time for that matter. Let’s not forget that we’re dealing with, at best, people who know how to use VPNs and hold down their enter keys, and who probably lucked into discovering the whole guests can create topics thing in the first place. No sense giving them too much credit.

It’s hard not to take that as a little bit of an insult, particularly since you haven’t yet answered my question, or actually mentioned which part of that post you found particularly stupid. Unless you know something about the people behind these spam attacks that I or the rest of us don’t, of course, in which case I have a hard time understanding why you’re not being a bit more forthright.

My basic contention was that I found the possibility of thetrueswampgamer having been hacked rather unlikely, partly because of what I already know about him both on and off forum, but mostly because doing this kind of thing would be prohibitively difficult for the sorts of people making thousands of bullshit posts for shits and giggles, which isn’t I should think an especially controversial take. Not saying that kids aren’t clever or resourceful, but there’s an effort versus reward balance in all of these things, as long as you remember that the primary motivation seems to be to cause as much chaos on the forum as possible, this just equals extra effort for no real reward at the end of it. There’s an argument to be made that I was generalising quite a bit too much when I said that you’ll have a hard time finding people who know how to brute force in the blind community, I should’ve been a bit more specific there, but at that point we’d just be arguing semantics, and I’ll have a hard time taking you seriously for awhile if that turns out to be the entirety of your criticism. I’m going to go out on a limb and say that you probably weren’t nitpicking my evaluation of the relative difficulty of brute forcing, but at this point who knows. I think of all of the arguments I’ve had on this forum, this may actually be by far the weirdest, especially since I normally seem to have some grasp on what the terms of the argument actually are. My own fault for taking it too seriously, I suppose.

There are two very important lessons which I eventually learned after years of getting myself into stupid situations on this forum and which you don’t quite seem to have gotten the hang of yet. Understand your argument and show your working. If you don’t understand your argument or find after a period of thinking about replying that you don’t actually have an argument worth making or a point worth contributing, there’s not much point adding to the general hubbub and confusion of the topic, still more so if you’re thinking of making a criticism of some sort which you may not be able to defend later. And if you can’t show your working in a way that would make sense to an outside observer, there’s a pretty good possibility that most of the people who read your post won’t actually understand what you’re driving at. Often I think about replying to a given topic for awhile and decide it’s not worth it, other times I feel I do have something to say, but I’m simply not in the right headspace to put it in a way that makes sense to even me, so again I don’t bother or put it off for another time. Some days I’m better at this than others, today may actually have been one of my worse days, but nobody is perfect, and I can’t honestly remember the last time I got into an argument where I didn’t at least have a very good grasp of what my position actually was and why I was engaging and where I felt the other person had a similar level of understanding, this one excluded. If half of your arguments are spent clearing up miscommunications with your opponents, past a certain point you have to conclude that you’re doing something wrong and it’s imperative on you to fix it, not them.

As a not very interesting sidenote, I think this may actually be the longest post I’ve ever written on my iPhone. Thank God for dictation, even if a good chunk of my time is taken up with correcting errors and I could’ve probably done a faster and more efficient job if I’d just gotten up and used my fucking keyboard, but oh well. God created lazy people for a reason, at least that’s what I tell myself every day to help me sleep at night. big_smile

2024-02-14 11:20:43 (edited by Cornettoking 2024-02-14 12:01:33)

@Zarvox: I know. It's one of those things I know I should be doing, but that just end up being so annoying that I give up. I'll look at Bitwarden though.

Edit: Awesome, now I have to fuck around with HCaptcha again, thanks for nothing.

Greetings and happy gaming, Julian

If you say you never lie, you're a liar.
Oh, and #freeGCW