• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

Search results

  1. kisuka

    It's Time for Real Account Security

    Here you go: 1) Make sure server time is synced always. 2) When the user enables 2FA generate a secret with generate_secret() 3) Generate a QR code with generate_qr() 4) Ask the user the scan the code and fill out the code they get. 5) Confirm the code with generate_passcode() 6) If it's...
  2. kisuka

    5/17 Site Attack

    there is: *facepalms*
  3. kisuka

    5/17 Site Attack

    CVE-2016-3714 had been known since mid/late april. They should have at least disabled all uploads temporarily until the patch came out. When the patch came out on May 3rd they then took 2 days to patch it. Even two days is too long when it comes to a critical security issue. Especially when this...
  4. kisuka

    5/17 Site Attack

    Why did you guys take so long to patch a known critical exploit? CVE-2016-3714 had been known for awhile before you patched it... I'm super disappointed in your system administrators.
  5. kisuka

    5/17 Site Attack

    Within that month period of time, tons of free to use code had been posted on github. Proof of concepts and what not on how to use the exploit to attack a server. This is how the network security field works. An exploit is reported and tons of netsec guys will create proof of concepts for their...
  6. kisuka

    5/17 Site Attack

    You should not be remembering passwords. You should be using a password manager like KeePass to generate a unique password for every website. Then you have a master key that opens your database of passwords. On top of that, use Two-Step Authentication on every service that offers it. If any of...
  7. kisuka

    5/17 Site Attack

    An explanation of the exploit / hack for people who aren't in the web development or tech industry: On the FA server is a program called ImageMagick installed. ImageMagick is used to resize images, manipulate them, etc. Tons of web services use ImageMagick for image processing. It is a very...
  8. kisuka

    5/17 Site Attack

    Hate to break it to you, but it is entirely their fault for not patching CVE-2016-3714 in time. The exploit had been known since 2016/03/30: www.cve.mitre.org: CVE - CVE-2016-3714 A system administrator needs to be watching the latest updates / exploit reports of everything that their web apps...
  9. kisuka

    5/17 Site Attack

    This is much worse than a DDOS Style Attack. With a DDOS attack you are hammering a server to utilize all their bandwidth so that others cannot access the site. CVE-2016-3714 (the exploit that was used), allows you to execute shell commands on the server. Giving you access to pretty much the...
  10. kisuka

    FA/IMVU Discussion

    https://www.youtube.com/watch?v=6h1Ed-gXs0Y
  11. kisuka

    FurSpace

    Sure no problem, just a word of advice though: You may wanna watch that smart-ass mouth of yours. Anyways, back on topic.
  12. kisuka

    FurSpace

    I have unbanned you, the reason you were banned was because you made an account then the first thing you did was make a blog that said everyone was a "faget", on top of that here is a screenshot of your "About Me" section: http://img78.imageshack.us/img78/3720/aboutnd7.jpg ,from those alone what...
  13. kisuka

    FurSpace

    Awesome x3 don't forget to invite your furrriends xp
  14. kisuka

    FurSpace

    Sorry for that 404 issue x3 I had to disable the php-rewrite mode to add ffmpeg to allow video uploads. x3 Remember to suggest things for furspace on our suggestion board on the forums section x3
  15. kisuka

    FurSpace

    MyFursona may have come first however they dont have as nearly as much features, and their gallery is pretty messy. To be honest I didn't notice MyFursona until after I launched FurSpace x3 but when I did I noticed they don't have as nearly as much stuff that is required to be called a social...
  16. kisuka

    FurSpace

    Hello everyone, FurSpace is a social networking site which helps bring together those who share the same interests in the Furry fandom community. The domain name was originally owned by Foxberance, however i recently purchased it and turned it into a fun and friendly social networking site for...
Top