What a friend of mine who is a bonafide computer expert has to say about this: "Pretty sophisticated attack. Not a Joe down at the coffee shop thing. I can't imagine anyone putting in the work to do it for free. But back in the boot wars there were clubs of hackers working on that stuff. Crazy."
To my knowledge, BLFC.I just thought to ask. What convention were the drives distributed at?
On my own personal note, if it was just another DDoS attack on FA, this wouldn't be an issue. But some fucker out there has the source code and that means back-end access to everything. Passwords, personal information, the works.
They're either gonna have to make some serious back-end changes (which is extremely difficult), or start over again to stop this being a problem.
This is different from the previous downtimes.I've been through a decent number of FA downtimes and it always seems to come back, if not always punctually.
No, it was not sophisticated. The initial attack was using an exploit in imagemagick that any n00bs would be able to do easily.
The second attack was also simple, though arguably more complex, due to the source. But, I do not have insight into how it worked. Either way, I suspect it was a simple fault, also.
These attacks are certainly a joe at the coffee shop things.
Oh, and by the way, one of the best places to exploit something is at the coffee shop. Just don't be the only one there with the computer out. And VPN away anyways. etc.
These days, anything for "fun" like this will be done solo... the "teams" do it for profit. Someone doesn't like FA or the furry fandom. And that's the reality of it.
To my knowledge, BLFC.
They'd better not have access to passwords. They'd better bloody be salted and hashed. Given the security of this site... change any passwords on sites that have the same password... seriously. Do it.
Changing it shouldn't be a problem o.o patching holes is always a good idea.
In fact, the site code should be regularly audited -- who at IMVU is watching?
Does IMVU even care?
They won't have to start over again. That's insane :3
Will Notes be lost during this process?
I can't be the only one with important commission information in Notes over the past several days.
ETA: And what about Journals?
Other information such as journals, notes, passwords, and personal information was not affected.
It took FA 10,000 years to even get the folders they had, let alone improving themWould FA be able to mass upload and organize photos in a way similar to Inkbunny? I have a few series of artwork on my page that may be better if they were grouped in a single "folder" rather than individual submissions and grouping them later. In cases of data loss like this, it could help artists and commissioners.
Personally, I prefer the big wide display they have on SoFurry for showing stories over the narrow tablet-style viewer on Inkbunny, even if I prefer FA as a site. Could really do with some tag/user blacklists, though, I can think of more than a few people whose art I wouldn't mind never seeing again... :BI think the main reason I like FA over any other side is simplicity of use. It's easy to submit, like, fav, watch etc. About the only thing I prefer over FA is Inkbunny's writing interface. FA sucks if you're a writer and needs to copy how Inkbunny displays written text.
I made an account there today and I feel you on that sentiment. For me it just seems... Impersonal. It's just kinda there to upload your stuff and be done. I've found a few friends on FA and I'd hate to lose them over this.Hehe... you're probably right.
I like FN, but it's a bit... I dunno.
They're going to have to start all over again, someone has the source code. That isn't just a simple patch and put FA back online job, the people that have the source will always have access to everything on a software level unless they make some serious back-end changes.I don't believe IMVU gives a rats arse tbh.
If FA has to start all over again I'm walking and not returning.
Tumblr is the WORST at circlejerking jesus christ. Yup, most of the base is whining 15-17 year olds with no money and underselling their own art anyway.
Still...I got some really good business because of my art tumblr even though it hadn't been updated in months because i had my contact info on there. The client was really sweet and respectful too so even if you abandon it, dont delete. But it was very surprising.
Exactly. Furthermore, just because Weasyl doesn't go down doesn't mean it's reliable for business in any way, nobody's there.
Tumblr is uncomfortable, I do have an art blog on there and I post there but it's not really good for commissions. It's hard to keep track of who's who with how easy usernames can change, the messaging system isn't good and nobody has money there anyway. At least in my experience.