UPSB v4

Board Comments / Explanation for recent hack

  1. Soren
    Date: Sat, Sep 21 2013 23:19:48

    I know that this post is a bit late but can we have an explanation of what happened on the recent hack where UPSB got redirected to another site? Many other forums posts an announcement when there is a problem going on with the site, yet there was no announcements posted about the recent hack on this forum. I know that this is a different forum, and not every forums works the same way, but I think that we as a members of this forum deserve an explanation. I know that there were updates on the UPSB facebook page but it is not detailed enough. @Zombo

  2. Eshor
    Date: Sun, Sep 22 2013 09:56:42

    i knew nothing about a recent hack before that post --'

  3. Yamaguchi
    Date: Sun, Sep 22 2013 10:49:56

    Ye lol it was like nothing happened o_o

  4. Voracity
    Date: Sun, Sep 22 2013 12:55:32

    I think we have the right to know too. Please explain

  5. ChainBreak
    Date: Sun, Sep 22 2013 15:28:55

    What's there to explain? Some hacker group defaced the site-network that upsb is part of to draw attention to the syria conflict. Since defacing is just a redirection that part of the code had to be removed and additional security measurements for preventing another case had to be implemented. Since you can never be sure if the newly implemented changes to the code are not causing any bugs the announcement was made. At which part is this hard to understand? Do you think web programmers are gods who shouldn't allow any disturbances?

  6. Awesome
    Date: Sun, Sep 22 2013 15:54:52

    I just heard about this but if it was to bring attention to a important political matter and had no lasting impact or anything whats the big deal?

  7. Enkronidus
    Date: Sun, Sep 22 2013 22:40:46

    Some sort of trolling, I guess. Doesn't really matter anyways.

  8. Zombo
    Date: Tue, Sep 24 2013 17:04:21

    The attacker was able to modify the admin control panel to modify the template below the shoutbox such that the entire webpage would be redirected through a meta call. No password was stolen since the attacker did not have access to the database. Even if he did, he would not be able to see the passwords because they are stored in encrypted form anyway. The most sensitive information he could have gotten is the registration e-mails for the users, which can also be gotten if you set your email to public.

  9. exclusive
    Date: Sun, Sep 29 2013 18:25:55

    apparently there was a vbulletin leak, another forum running vbulletin got hacked too