• Fur Affinity Forums are governed by Fur Affinity's Rules and Policies. Links and additional information can be accessed in the Site Information Forum.

5/17 Site Attack

Status
Not open for further replies.

FoxofGrey

New Member
I hate tumblr not only for its crappy layout and also the things you said, but also for the fact that 95% of the userbase clearly does not know what a freaking NSFW tag is for their posts. Worse is that the tumblr staff apparently can't be bothered to enforce something as simple as NSFW tagging. And good luck reporting a inappropriate avatar.

I could put up with the usual unmarked NSFW crap for a while, but when I started seeing real life pictures of a popular artist's wiener without any sort of mature filter on (among other things), that was the last straw for me and I immediately abandoned my account there. As bad as the horrors of FA's NSFW database is, at least the people here are curt enough to properly tag them as such.
Although I'm still waiting for a tag filter so that I don't have to see any of the "shit" on there (not going to mention what that "shit" is for the record).
 

FoxWolfie

Pee-Stinky Raccoon
Direct links are working, I checked my recent downloads from FA. Does that mean the submissions themselves are okay too?
The direct links go to the submissions, and to the various resized copies. All of mine that I tried are still there, so when they get the site back up, I see no reason why they wouldn't all be working. I suspect that they recovered nearly everything, except for maybe the few hours before they took the site down, though I may turn out to be wrong. I can't check anyone else's, because I don't have working links to theirs. If you go into your browser's history and search for facdn, you'll likely find working links to people's stuff, though it would all be stuff you'd already visited if it's in your history.

How long it takes to bring the site up likely depends on how fast they can scan through the code looking for any findable vulnerabilities and patching them. Now that the code is in the hands of potential future hackers, if any vulnerabilities remain, they'll surely be exploited. So, they sort of have to keep the site down until they are reasonably sure there's no remaining openings for hackers. It's better to take extra time to get it right, than to miss something. Security through obscurity is no longer possible no that the code is out.
 

---Storm---

Artist for hire
IMVU I think realized long time ago that they were living in pinky dreamland about what FA is (they thought IMVU community = furry comunity), and how they can earn money with it and actually it was a waste, so they probably cut funding.

As for FA, the code is as ancient as the pyramids, outdated and botched, totally unsuitable for today's technological level. Trying to patch it around is like thinking that if you sharpen your chipped sword you are still good to go against a modern army with assault rifles and tanks.

FA needs to be rewritten FROM SCRATCH.

And seeing how fixing even the most minor issues takes them several months, that's not gonna happen. They will ducts-tape the pieces together so it runs for a few more months until it falls apart again.
 

Snowbbi

99% fluff
its all free all you need is a phone number~
I'm assuming it'll send a verification code to your phone through text though? If that's the case, I'm outta luck, out of a job and the bill can't get paid.
 

peanutbutterking

New Member
I'm assuming it'll send a verification code to your phone through text though? If that's the case, I'm outta luck, out of a job and the bill can't get paid.
awwwww that's true. I'm sorry~ technicaly it doesn't have to be your number tho so you can use somebody elses phone!
that grammar tho
 
it's a shame that this happens right when i was preping to finish some art for this friday
i hope it does come back really soon
i really dont wanna stick to either Deviantart or Inkbunny just to upload some of my work.
trust me....i just dont
 

Snowbbi

99% fluff
awwwww that's true. I'm sorry~ technicaly it doesn't have to be your number tho so you can use somebody elses phone!
that grammar tho
I doubt my roommate will let me use his phone for it. Ah well, I'll just have to wait.
 

Soul_Wesson

Typically Lurking for Updates
And seeing how fixing even the most minor issues takes them several months, that's not gonna happen. They will ducts-tape the pieces together so it runs for a few more months until it falls apart again.

I referred to it to a friend as "Covering a role of paper towels with shiny new duct tape".
 

Hackerman1998

New Member
So when are you going to start asking for donations like last time the server went down?

I thought the whole reason for the donation drive in the first place was to find exploits like these by hiring capable web developers.

Extremely short-sighted scenario from the development team of Fur Affinity, always update and check the libraries and dependencies you are using for security flaws. Further to my understanding there has been lots of flaws reported with ImageMagick to the point where you start to wonder why you are even using it anymore when there are far batter alternatives.
 

Hackerman1998

New Member
So when are you going to start asking for donations like last time the server went down?

I thought the whole reason for the donation drive in the first place was to find exploits like these by hiring capable web developers.

Extremely short-sighted scenario from the development team of Fur Affinity, always update and check the libraries and dependencies you are using for security flaws. Further to my understanding there has been lots of flaws reported with ImageMagick to the point where you start to wonder why you are even using it anymore when there are far batter alternatives.

To add, the exploit which was used to attack FurAffinity was reported on the 4th of May, 2016 over at

www.us-cert.gov: ImageMagick Vulnerability
 

Draconas

Active Member
Several suggestions were given to broaden your horizons, you ignore them and look where it lands you.

You put all of your eggs in one basket. communications? references? the ability to conduct business? you've been locked out all of this AND MORE for 20+ hours, and some of you still have the gall to bitch and complain "well XYZ doesn't get enough traffic" then go there and make traffic. "their interface is shit" you could've spent today learning the interface for another site, it's not that hard.

All I and several others are saying: branch out, because you'll never know when furaffinity will cease to exist all together, data included, and then what are you going to do?
Need a way to contact someone? make an easy to access means to communicate, hell even a "business" email.
Need someone's ref? store that shit somewhere off site while you're doing business, dropbox or google drive works wonders, the free storage space is good enough, and if those services temporarily go down? you still have local access to them.

Quit making excuses of why you can't (or wont in this case) branch out to other fronts, spend a weekend or two to try it out, and who knows? you might end up getting more customers from multiple communities.
Even a personal website wouldn't be a bad idea neither to put your art and a way to commission/contact you, I have one of these going on just for the hell of it, and im not even an artist.
 
D

Deleted member 82554

Guest
You guys really think that FA will have to start all over? So we lose all our watchers, submissions and all the hard work we did? You really truely believe FA can afford that kind of downfall??
They can backup the database but as for the platform itself, they may have no choice. I don't think you fully realize the damage that can be done now that someone has the source code. They can do everything an admin can do on a software level, including perv at your notes and any sensitive PayPal information you may have mentioned..
 

---Storm---

Artist for hire
You guys really think that FA will have to start all over? So we lose all our watchers, submissions and all the hard work we did? You really truely believe FA can afford that kind of downfall??
??? Nobody said that. What we say is it needs to be REWRITTEN from scratch. That doesn't mean they could not migrate the existing database then.
 
Status
Not open for further replies.
Top