• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

5/17 Site Attack

Status
Not open for further replies.

Takura

New Member
GUYS. It's not a case of "FA having bad security." Have you heard anything that's been said? The security exploit was in the service FA *uses* for its database delivery. The security breach was not on FA's end. They had patched the exploit way back on the 5th. But data had been compromised before that, and since FA wasn't even aware of the exploit, they had no way of knowing said data was compromised. Instead of directing the selective outrage of the furry machine at FA, why not be outraged at the jerk who actually attacked the site? Even if FA's security could have been better, you don't prosecute the guy who had his house broken into, even if he left the door unlocked - you prosecute the actual thief.
The thing is though, staff should know they are at risk for these kinds of attacks at all times. I mean come on. You'd think with all the donations they get, they'd get better self defense programs or whatever.
 

mikead999

New Member
I'd like to go to Inkbunny but...eh I don't get much attention there so for me I'll be on DeviantArt...this sucks because I was just starting to become more active on FurAffinity again. Then this happens >_> Whoever is responsible for this mess is a complete dickbag.

Agreed.
 

keskitsune

New Member
Would it be impossible to reverse this process? From what experience I have with programming, it would not be very hard to reverse engineer this process from the source code.

Hash functions by their definition are irreversible, even if you have the source code. If you found some way to reliably reverse them, then you'd probably be spending your time breaking things much more interesting than a random furry site.
 

Takura

New Member
Why would someone do such a thing? What could they possibly have to gain from doing so? They should be forced to tell why, to hell with the right to remain silent
I bet you it was some person who absolutely hates furries, (as most people who attack the sites are furry haters ...or that's what I think) and I guess they had nothing else better to do so they thought 'hey! lets hack and shut down FA again!!' because, reasons.
I really hate hackers. Why can't they use their skills for good and not for crap like this?
 

mikead999

New Member
The thing is though, staff should know they are at risk for these kinds of attacks at all times. I mean come on. You'd think with all the donations they get, they'd get better self defense programs or whatever.

I can't blame them, after a few years with no attack, I wouldn't be on my guard either.
 

mikead999

New Member
Hash functions by their definition are irreversible, even if you have the source code. If you found some way to reliably reverse them, then you'd probably be spending your time breaking things much more interesting than a random furry site.

Valid point. Should I try it?

**Not on FA obviously (just my own site)
 

AliothFox

That High-Flyin' Foxy
The thing is though, staff should know they are at risk for these kinds of attacks at all times. I mean come on. You'd think with all the donations they get, they'd get better self defense programs or whatever.

They did. If you notice, the site has not suffered a major outage (8+ hours) for literally months. The last weeks-long outage of the site was over two years ago, and after that happened, the site got CloudFlare protection and a bunch of security upgrades and general performance increases. It always baffles me somewhat when people think that the muckymucks of FA do nothing but sit on their hands and cry when the site goes down. It's the most popular art site of the furry fandom, so naturally it gets attacked the most. Normally it can weather the attacks reasonably well. This time the attackers had a new trick.
 

Takura

New Member
I can't blame them, after a few years with no attack, I wouldn't be on my guard either.
I'd be on my guard forever after one attack. That's how professional sites are. They get attacked, then they are on their toes from there on out. See, that's why some people just do not like how FA staff runs things. They fix a problem, and then act like its never going to happen again. And then it does. It hasn't been years since the last attack, didn't the last DDOS attack happen just last year?
 

xTwilightStarx

A polished turd.
LOL what else is their t

I just hope we don't have to wait for like, weeks for the site to come back up. Days I can handle just fine but weeks? No...just no
Hopefully it won't take them too long but I wouldn't rush them either, that's a lot of lost data.
I would say the downtime doesn't annoy me, but I have commissions I need to be working on myself.
 

mikead999

New Member
I'd be on my guard forever after one attack. That's how professional sites are. They get attacked, then they are on their toes from there on out. See, that's why some people just do not like how FA staff runs things. They fix a problem, and then act like its never going to happen again. And then it does. It hasn't been years since the last attack, didn't the last DDOS attack happen just last year?

Maybe they just have a "forgive and forget" attitude.
 

Saiko

GTWT Survivor
Has FA had a third party perform a security audit yet? With compromised source code, I think that would be appropriate.
 

Takura

New Member
They did. If you notice, the site has not suffered a major outage (8+ hours) for literally months. The last weeks-long outage of the site was over two years ago, and after that happened, the site got CloudFlare protection and a bunch of security upgrades and general performance increases. It always baffles me somewhat when people think that the muckymucks of FA do nothing but sit on their hands and cry when the site goes down. It's the most popular art site of the furry fandom, so naturally it gets attacked the most. Normally it can weather the attacks reasonably well. This time the attackers had a new trick.
ugh. That's the annoying thing about hackers. They always got new tricks up their sleeves. So naturally, you would think to have someone on the FA staff to be able to counter those tricks. I'm really curious now as to who exactly did this and I hope we get to expose them.
 

Takura

New Member
Maybe they just have a "forgive and forget" attitude.
That wouldn't be very professional for a popular art site that takes donations....its like, personal info like notes get leaked, and I'd hate for them to be all 'lol lets forget about it. it didn't happen' ... those leaks are still up on the internet. not very easy to forget about it. Especially since people like to document these kinds of things
 

mikead999

New Member
ugh. That's the annoying thing about hackers. They always got new tricks up their sleeves. So naturally, you would think to have someone on the FA staff to be able to counter those tricks. I'm really curious now as to who exactly did this and I hope we get to expose them.

Honestly, If I were a hacker, I would work for both sides. Help cyber security programs, write viruses that counter them, then help them out again. That would make a lot of money. War is profitable.
 

KimButt

Member
I bet you it was some person who absolutely hates furries, (as most people who attack the sites are furry haters ...or that's what I think) and I guess they had nothing else better to do so they thought 'hey! lets hack and shut down FA again!!' because, reasons.
I really hate hackers. Why can't they use their skills for good and not for crap like this?


Oi Vey. Lord knows what's with anti furs
 

AliothFox

That High-Flyin' Foxy
ugh. That's the annoying thing about hackers. They always got new tricks up their sleeves. So naturally, you would think to have someone on the FA staff to be able to counter those tricks. I'm really curious now as to who exactly did this and I hope we get to expose them.

You make that sound so easy. "Well, they should just counter them!" It's hard to counter an attack you don't know. How do you think anti-virus software works? It can only stop viruses that are already in its database. You're really looking for them to wave a magic wand and turn the site into an impregnable fortress, and it's not that simple. The reason big sites like Amazon or Twitter or Facebook don't go down often (and even they do sometimes go down!) is because they have deep, deep pockets. FA does not.
 
Status
Not open for further replies.
Top