FurAffinity Bomb-Dropping

Dec. 20th, 2010 11:42 am
magedragonfire: (amaterasu)
[personal profile] magedragonfire
I know at least a couple of people on my flist here do work on or have accounts with FA, so I figure this is worth passing on:

Turns out Dragoneer is a beastiality and rape apologist, and Zaush is an alleged multiple rapist, and your private messages are open to all admins who care to read them. There's been a whole saga brewing over the past week, so I hear, but all of the pertinent details are summed up over here with links to screengrabs highlighting all of the above. I'm too disgusted to say much more about it, frankly, but I will say that it's high time the community found another spot for arts.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Date: 2010-12-20 09:37 pm (UTC)
From: [identity profile] minitsu.livejournal.com
,.....AAAAAAAAAAAAAAAAAAHHHHHHH I don't even want to click those screenshots because it will probably only make me froth with rage and frothing rage is only good when you can take it out on the guilty party.

Date: 2010-12-20 09:46 pm (UTC)
From: [identity profile] magedragonfire.livejournal.com
Yeeeeah, it's pretty ragetastic, and not even counting the original stupidity and subsequent backpedalling, the comments from people defending the assholes are just...

Mmrph. Well, this post is a condensed version, too, anyways - it's linked in the post I linked up above. It's a better and more clear write-up, but definitely has triggery sorts of things within.

Date: 2010-12-21 05:43 am (UTC)
From: [identity profile] palmer-kun.livejournal.com
Anyone with database access would be able to read PMs or anything else. It's just a simple database lookup.

However, this looks like the site code was designed expressly to go through PMs, which is a different issue altogether.

I would strongly suggest that anyone who is on FA change any passwords that are the same as their FA password.

If the code lets him check PMs... it just as easily could let him check passwords.

I know for a fact this is a simple matter - I've done it myself as a forum admin (as part of tracking down and banning socks).

Unless the forums were using a standard forum package (where the code prevents password snooping from the get go), it's quite likely you're exposed.

Date: 2010-12-22 05:22 pm (UTC)
From: [identity profile] magedragonfire.livejournal.com
Apparently the foundations of the site were built on rather shaky and insecure ground as is. Hackerfolk have been poking all sorts of holes in it over the past few months, I guess.

Still, I think the security issues here are the least of anyone's worries.

Date: 2010-12-21 11:21 pm (UTC)
From: [identity profile] raptor41887.livejournal.com
Seriously? I am tired of this shit. I don't even care if it's true. I'm just tired of everyone crying OMG CONSPIRACY.

Date: 2010-12-22 05:24 pm (UTC)
From: [identity profile] magedragonfire.livejournal.com
I've not heard any cries of conspiracies, personally. All I know is that the above information has been verified, and besides that, Dragoneer has been digging himself even deeper in comments made about the issue.
  • Add Memory
  • Share This Entry
Flat | Top-Level Comments Only

Profile

magedragonfire: (Default)
magedragonfire

June 2014

S M T W T F S
12 34567
891011121314
15161718192021
22232425262728
2930     

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 10th, 2025 04:58 pm
Powered by Dreamwidth Studios