Oh...I do highly expect that in some deep, dark bunkers, there are military grade computing equipment, just waiting for World War III to start...complete with Reel-to-Reel drives, out there.
Granted, I'd be far more worried about the fact that there are still air traffic control towers in operation to this day, operating with computers that still function off of vacuum tube tech. Why, you couldn't even run Windows 1.0 beta on one of those!
No, DDoS are much more simplistic and virtually anyone can do it. It's basically flooding a site's servers until they get knocked offline by making it seem like there's tens of thousands of unique people accessing the site at once.
No, this is very different. A DDoS only keeps people from accessing the server that hosts the website.
This time around someone found a way in using stolen source code and started deleting things off the servers. Most the stuff that was deleted is able to be recovered using a backup, but anything newly submitted will have been lost and will have to be resubmitted by users.
I have a feeling once I put my phone down (I'm on mobile atm) I'm going to wake up to 500+ messages.heh heh just can't stop watching the comments roll in its 2:10PM for me i have 20 minuets before i have to wash the dishes wether i like it or not
but im sure i will be back to monitor the comment streaming in
so this is a sorta like a DDOS attack ?
This is much worse than a DDOS Style Attack.
This makes so much more sense that it's scaring me a bit.Well, not exactly. This is more like FA has been bondage secured with the hacker holding all the BDSM gear. Probing out the most sensitive spots and going to town as they wish. (Only FA isn't having fun.)
Whereas a DDOS is more like the busy tone on your phone when pressing buttons is refused to connect the call.
No, it's not like a virus at all. Viruses are malicious programs that can log information and scramble programs and disable them as well as delete files.ah ok so more like a Trojan Virus i have had my share of those buggers i noramly Anti virus scan it the do a system restore to just before i download said infected file but thats just for one computer i don't think the same idea would work for a server
I've been really kind of confused all day since FA has been down. Now, as an artist it's not my only place where I put my drawings, I have like 5 other places, save my refs to the computer and backup my work constantly, it's just...really lonely? FA has traffic and reach for me like none of the other sites I use. At first when I woke up and it was down I was mildly annoyed but used to it, but the prospect of losing a week is a struggle. I had a YCH auction that was doing very well that I'll have to restart if it's not restored. Who knows if it'll get bid on again. I can only imagine what my other friends are going through when they post 5-8 submissions a DAY.
Granted, this is not entirely FA's fault. There should have been more security because the site's always been vulnearable, but someone obviously went through a lot of fucking trouble to do this. And also, its pretty disgusting that some people are finding it funny and pretty much throwing parties and saying thank god.
As dragoneer said... whoever did this isn't hurting him no matter how infamous he or the other staff may be.
They're hurting the artists of the site, and our clients.
This is much worse than a DDOS Style Attack.
With a DDOS attack you are hammering a server to utilize all their bandwidth so that others cannot access the site.
CVE-2016-3714 (the exploit that was used), allows you to execute shell commands on the server. Giving you access to pretty much the entire FA infrastructure if you're good enough.
I'm honestly kind of sad to see that FA's sys admins didn't patch CVE-2016-3714 before it was too late... it's been known for weeks now...
Granted, this is not entirely FA's fault.
No, it's not like a virus at all. Viruses are malicious programs that can log information and scramble programs and disable them as well as delete files.
Just a quick FYI: if you need to get your fix of furry art or rely on it for commissions, there are other sites that will cater to your every need while FA is down.
Thanks a lot *hugs back* Luckily I do still have the files, its just the idea of wasted time that bothers me most. not to mention that all the people who watched my stuff in the past week are no longer going to be watching me. since i doubt they will remember unless they see the ad again, thats another possible loss of potential. D:awww * hugs* i hope your action ends well in the end its never good to loose money and your right this is hurting the users more then the admin
While that is true, you can post art and look at other art sites, however, with some people that have commissions to do and who gain income from said commissions will still suffer (unless they have another said site that can do this, though, a percentage will still be hacked off).Just a quick FYI: if you need to get your fix of furry art or rely on it for commissions, there are other sites that will cater to your every need while FA is down.
Believe me, I'm incredibly irritated that Furaffinity's lax attitude pretty much caused this to happen, but there's blame to be had on both sides.Hate to break it to you, but it is entirely their fault for not patching CVE-2016-3714 in time. The exploit had been known since 2016/03/30:
www.cve.mitre.org: CVE - CVE-2016-3714
A system administrator needs to be watching the latest updates / exploit reports of everything that their web apps use. Failing to patch critical security risks like this in time can be deadly.
^^^^yupWhile that is true, you can post art and look at other art sites, however, with some people that have commissions to do and who gain income from said commissions will still suffer (unless they have another said site that can do this, though, a percentage will still be hacked off).
^This. Yes, FA could have acted faster. But that doesn't make what other people did okay.True, but its not as though Furaffinity was "asking for it" the way twitter knuckleheads are making it seem. It's still abominable that someone attacked it in the first place and they need to be held responsible for their actions as well.