21 Jun 10, 01:40AM
(This post was last modified: 21 Jun 10, 01:41AM by RandumKiwi.)
Quote:Repeated deletion of "unwanted" or "uncomfortable" posts/threads by devs and moderators- There have been none. If there were, they'd show in the logs and in the pool of "undo delete" posts, which is a tool that can be used.
Quote:The announcement of closed binaries (you do know that this has failed many times before, right?)- I don't deal with this, so can't comment.
Quote:A general tendency to sacrifice everything to fight the cheaters (the success of which is disputable)- .. and if people are cheating, what's the point of playing?
Quote:A major security breach of the website, but no information given about it (come on, everyone should know by now that the "security through obscurity" concept is not valid). Were mail addresses leaked? Might malware have been distributed? Bah, don't you care.Security through obscurity doesn't work on it's own. However, it does work in combination with other security methods. Is keeping your password a secret, security through obscurity, guess what? It is.
The fact is, that although we have ensured there is better security by DESIGN now, if we were to be hacked, the first step any hacker takes is to gather information, and guess what! Obscurity delays, or stops this. We are NOT going to advertise the inner working of our systems, just to satisfy you, which would advertise those details to potential hackers also. We are NOT relying on obscurity for security, but yes, we use it, because we aren't idiots (see passwords).
We don't have to tell you anything about it whatsoever. We are not obligated to, at all. The fact that we have told you what we have so far, is enough. Site was breeched, we fixed it, end of story. Wanting to know anything more than that, is purely for gossip and/or curiosity. For your comfort, I will let you know that:
* Yes, emails may have been leaked.
* No, malware wasn't distributed.
* We recommend you change your passwords used on the site, just in case, however, they were encrypted so it shouldn't matter too much.
* Yes, security systems in place now are far better than before.
* Yes, the initial security issue that caused this trouble (as mentioned before in the development forum, it was a PHP exploit, executed on an insecurely written page on the main site - not the forum), has not only been removed, but also had several changes put in place to minimise or stop the damage, should such incidents occur in the future (which they won't).
Quote:A general attitude of acting like a parody of a commercially-oriented companyNo sufficient evidence for this, you're just throwing dirt around.