[BBUK4LYFE]

Nice to see that the forum is back up.

[paulie57]

Welcome back yourselves and thanks for the explanation and for your advice. Missed the site very much last night and glas it's back. Much the best.

[Prole]

Hey, well done getting it up and running again. I had every faith. Nice to see it back, thanks.

[mike888]

This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!!

[Nicky.]

[rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx

[Brad.]

[rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]

Spot on nicky

[BBUK4LYFE]

[rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]
Pretty much this.

Using the same password on a message board that you use for your bank account is beyond idiotic. At least change your email password, so that they won't get access to your other stuff.

[mike888]

[rquote=2499939&tid=144192&author=BBUK4LYFE][rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]
Pretty much this.

Using the same password on a message board that you use for your bank account is beyond idiotic. At least change your email password, so that they won't get access to your other stuff. [/rquote]

How dare you call me idiotic after the fck up this site has made, The only idiotic thing I did was join a crummy forum that didn't have tight enough security, putting everyone at risk! No one can access my bank account anyway, it needs 2 Pin numbers and my password which is not exactly the same as on here. My email password is also not the same as on here, it has extra characters on the end. The accounts that are at risk are those I use for internet shopping. As far as I'm concerned this site has not only put me at risk but EVERYONE who's joined it, so unless you are connected with it why the hell are you defending it? We ALL have a right to know who is responsible, otherwise we're not being shat upon once but twice. IF THIS SITE HAS PUT ME AT RISK I WANT TO KNOW NOW WHO I'M AT RISK FROM. EVERYONE HAS A RIGHT TO KNOW!!!

[Scarlett.]

[rquote=2500183&tid=144192&author=mike888][rquote=2499939&tid=144192&author=BBUK4LYFE][rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]
Pretty much this.

Using the same password on a message board that you use for your bank account is beyond idiotic. At least change your email password, so that they won't get access to your other stuff. [/rquote]

How dare you call me idiotic after the fck up this site has made, The only idiotic thing I did was join a crummy forum that didn't have tight enough security, putting everyone at risk! No one can access my bank account anyway, it needs 2 Pin numbers and my password which is not exactly the same as on here. My email password is also not the same as on here, it has extra characters on the end. The accounts that are at risk are those I use for internet shopping. As far as I'm concerned this site has not only put me at risk but EVERYONE who's joined it, so unless you are connected with it why the hell are you defending it? We ALL have a right to know who is responsible, otherwise we're not being shat upon once but twice. IF THIS SITE HAS PUT ME AT RISK I WANT TO KNOW NOW WHO I'M AT RISK FROM. EVERYONE HAS A RIGHT TO KNOW!!! [/rquote]Calm the fcuk down!

We wont be allowed to know ****, cause I think it may be a police matter (hacking websites and taking passwords is against the law, especially from minors) so....we probably aint allowed to know anything due to that side of things

Now maybe you can go get your self some hot chocolate and some chill pills, yeah?

[Twilight]

Yayy its back

[BBUK4LYFE]

[rquote=2500183&tid=144192&author=mike888][rquote=2499939&tid=144192&author=BBUK4LYFE][rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]
Pretty much this.

Using the same password on a message board that you use for your bank account is beyond idiotic. At least change your email password, so that they won't get access to your other stuff. [/rquote]

How dare you call me idiotic after the fck up this site has made, The only idiotic thing I did was join a crummy forum that didn't have tight enough security, putting everyone at risk! No one can access my bank account anyway, it needs 2 Pin numbers and my password which is not exactly the same as on here. My email password is also not the same as on here, it has extra characters on the end. The accounts that are at risk are those I use for internet shopping. As far as I'm concerned this site has not only put me at risk but EVERYONE who's joined it, so unless you are connected with it why the hell are you defending it? We ALL have a right to know who is responsible, otherwise we're not being shat upon once but twice. IF THIS SITE HAS PUT ME AT RISK I WANT TO KNOW NOW WHO I'M AT RISK FROM. EVERYONE HAS A RIGHT TO KNOW!!! [/rquote]
I never called you idiotic, I said what you did was idiotic. There's a difference you know.

[Sticks]

[rquote=2497681&tid=144192&author=James]Yeah, this is a more basic version of the forum which we have had to install for now.

Most of the changes we've done over the last few years will have to be redone...

Here is a partial list of what has gone...

bbcode custom statuses
spoiler mod
youttube
forum icons
forum categories
sidebar
cellover effect
custom themes
award system
ignore
rss feed
avatar upload / gallery
fav housemates
karma
[/rquote]

Do you know how long it will take to restore these features assuming that is going to happen. Also if you are taking this forum elsewhere what happens to all our past posts, will they go as well or will it be a year Zero type scenario?

[Scarlett.]

[rquote=2497681&tid=144192&author=James]Yeah, this is a more basic version of the forum which we have had to install for now.

Most of the changes we've done over the last few years will have to be redone...

Here is a partial list of what has gone...

bbcode custom statuses
spoiler mod
youttube
forum icons
forum categories
sidebar
cellover effect
custom themes
award system
ignore
rss feed
avatar upload / gallery
fav housemates
karma
[/rquote]

Man, you guys must be pissed

[Mark]

[rquote=2500252&tid=144192&author=Sticks]
Also if you are taking this forum elsewhere what happens to all our past posts, will they go as well or will it be a year Zero type scenario?[/rquote]

Everything will be transferred over.

[Sticks]

The other fix we have lost is the way this forum handles mail notifications. Prior to hack you just got one per thread until you visited that thread, to avoid people's mail boxes being filled up if a thread they were subscribed to got very busy.

[Jackie]

Hello

[Niamh.]

Frdiay night wasn't the same

[Lauren]

[rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking
[/rquote]

You're right, that is highly irresponsible.

[Nicky.]

Well, thank you guys I don't think this guy agrees though! aha Xx

[rquote=2500183&tid=144192&author=mike888][rquote=2499939&tid=144192&author=BBUK4LYFE][rquote=2499852&tid=144192&author=Nicky.][rquote=2499810&tid=144192&author=mike888]This is ridiculous and totally irresponsible. My password is one that I have used since I stated using the web and even before then. I use it on nearly every site I visit including internet banking the only difference being 3 digits are added to the end of it on some accounts. I'm not changing it for anyone, that always has been and always will be my password. FFS how poor must the security have been on this site for this to happen, If I suddenly find my email address and password have been used to access my accounts and take money and buy goods I shall take legal advice and seek compensation through the courts. Luckily my bank card has just expired and I have to register a new one with everyone I deal with so no one can use any of my accounts at the moment, but even so this is intolerable. WE HAVE A RIGHT TO KNOW WHO IS RESPONSIBLE. NOW, NOT IN IN THE FUTURE!!! [/rquote]

To be honest, that's your own stupid fault for using the same password on a friendly, big brother internet forum that can be accessed by anyone... to a bank account that people can use your money with! Anyone with a sense of a brain should be able to work that one out!

I have 5 different passwords I use all over the internet, it's not hard to remember 5. Then if you ever forget, just put them in 1 after another and one is bound to work! Simples! Xx[/rquote]
Pretty much this.

Using the same password on a message board that you use for your bank account is beyond idiotic. At least change your email password, so that they won't get access to your other stuff. [/rquote]

How dare you call me idiotic after the fck up this site has made, The only idiotic thing I did was join a crummy forum that didn't have tight enough security, putting everyone at risk! No one can access my bank account anyway, it needs 2 Pin numbers and my password which is not exactly the same as on here. My email password is also not the same as on here, it has extra characters on the end. The accounts that are at risk are those I use for internet shopping. As far as I'm concerned this site has not only put me at risk but EVERYONE who's joined it, so unless you are connected with it why the hell are you defending it? We ALL have a right to know who is responsible, otherwise we're not being shat upon once but twice. IF THIS SITE HAS PUT ME AT RISK I WANT TO KNOW NOW WHO I'M AT RISK FROM. EVERYONE HAS A RIGHT TO KNOW!!! [/rquote]

Well to start with, I think only about 99% of people use the same password on both, so it's themselves they're putting at risk! You wouldn't go around tesco with your card to your bank, then scatter them all over the floor? Then type in the code at the checkout... where anyone could be looking! Then they run away with your card and use alllll your money!! Bit exaggerated on my behalf, but it's pretty much the same principle! It's not up to the mods to tell you not to use a personal password, they leave that up to you.... they would expect you to realise that

and um, I'm not defending anyone! I'm mates with Mark, and I know this wasn't his fault... or James'! It's just one of them things!

and if they actually can't access your internet bank account, why did you make such a fuss? I wouldn't be the boy who called wolf if I were you. If you are that annoyed with TiBB, just go! xD It's not hard not to type the URL in the search bar :3

Xx

[Nicky.]

I must point out, the forum seems to be running much quicker! Or maybe it's just my dodgy net having a good day? Xx

[bronaaaa]

[rquote=2500511&tid=144192&author=Nicky.]
and um, I'm not defending anyone! I'm mates with Mark, and I know this wasn't his fault... or James'! It's just one of them things!

and if they actually can't access your internet bank account, why did you make such a fuss? I wouldn't be the boy who called wolf if I were you. If you are that annoyed with TiBB, just go! xD It's not hard not to type the URL in the search bar :3
Xx [/rquote]

Haha I love the xx at the end
And yes, I agree with you there, bit silly using the same password for your bank, and it's not Mark or Jame's fault this all happened

[Luanda]

I used to run a forum with 15,000 members. The forum used was Invision but the security issues were the same. May I just outline the following;

1. The password problem is being misunderstood. The hackers did not see your password, they saw an encrypted version of your password. These encrypted versions can be broken by looking them up on the internet but only if you were stupid enough to use a password that was simple and not obscure. Banking issues are nonsense and hysterical. Think about how you enter your banking password/PIN/email address and you will see.

2. The Data Protection Act can be used against the people who hacked the board. However, one has to prove they took the email addresses and personal information as opposed to just having access to it. That is very hard to prove. Individual members can complain to the police but you will be lucky if the police decide to put resources into investigating your complaint.

3. The owners of this board must bear some responsibility for this. As features have been lost I gather the old board accrued features but security patches were not installed. This is not acceptable. I do not understand why security patches were not installed as they became available but can guess this was because of the features added and an unwillingness to risk having to reconfigure them as and when security patches were added.

4. No discussion board is 100% secure. A fact.

5. Board/Site wars are nothing new. If you have thousands of posts made by members, some will undoubtedly make posts that offend others. The nature of the internet means that offence can be taken and individuals or groups will try and inconvenience the board concerned. A new member on my board made a post containing a script that planted a "bomb" that shut down all members computers who were online at the time and opened the post, it also altered registry entries. Very nasty and inconvenient.

6. If you have a board yourself the path/route to certain features are easy to access on similar boards if you know the directory structure of the board involved. This is why certain folders and files should have their names altered for security. This can only be done by the owners of the board.

7. Never, I repeat, never trust anyone on a discussion board. Boards act as a magnet to narcissists and sociopaths. One can easily be led into doing things that under normal circumstances one would not do. Never give any personal information to anyone by U2U or email. It may seem common sense not to do these things but a board generates a feeling of community and one's guard is lowered after a time.

8. In the board T & C's it should be made clear you use the board at your own risk.

9. It seems user groups for admin's and mod's have been lost. It takes time for these to be restored but it may come as a warning to the board owners that sections of the board that may be segregated for certain user groups can never be secure. Private areas can be accessed in the event of a board breakdown and can cause acute embarrassment. It has happened to me. Edited: It seems some threads for the mod's are open to all users. Just the sort of thing that happens when user groups are messed with.

Good luck to the owners of the board and I wish you all the best in the future.

[Braden]

oh so the avatars won't be working for a while

[maningrey]

Hello there.

Personally, I did not access your database (or had anything to do with it for that matter) I'm sure tracking my IP will reveal I haven't actually done anything.

Anyway! to make it more clear to the members of this forum, I'm gonna post some honest facts!, I'm sure this post will be removed because basically, your admin has been ball****ting you.

1) Your admin was warned numerous times about the "security issue" (like 3 times over 6 months as a member from our side actually uses this forum lol..) his thread has actually been removed so its apparent the admin likes to be seen "superior" and not stupid.

2) Quotation "The database was viewable for about an hour" absolute pile of cr*p, about 3 days mate.. nice try

3) The MD5 hashes were easily crackable from what I was told, so just change your password anyway.

5) I am actually sorry to the members of this forum, I work closely to white hat hackers (good people) and only wished your admin took the warning signs seriously.

5) Your forum was penetrated through SQL injection. Look it up for more information

6) I highly suggest you move to MyBB, for the love of god please do... (much more secure)

7) hack forums . org /showthread.php?tid=132862

8) Admin please look at http://www.milw0rm.com/ for more information and exploits to patch

9) I missed 4) out.

I wish you all the best.

[eggdavid]

^ LOL

Anyway, can we get the post deletion and Ignore functions back soon? I'm not bothered about the other aesthetical stuff, just want the rudimentary functions back.