Win a copy of Cross-Platform Desktop Applications: Using Node, Electron, and NW.js this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

message to the web admin. of this site  RSS feed

 
Joy Jade
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I just updated my profile today because I didn't put an email address when I joined. After I updated it and decide to go back again and read if the update took effect, I was shocked to see a link on my profile, "http://www.xxxseduction.net/Kurt/ " , which I didn't put. Good thing I visited my profile again and replaced it with "none" on the homepage.
My question to the admin of this site, how did this happen? Is this site vulnerable to hacks too?
Thanks.
 
Jim Yingst
Wanderer
Sheriff
Posts: 18671
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's possible someone's found a way to obtain passwords of other people. If you use the same password on other accounts (as many people do), then it's also possible that any one of those accounts has been compromised (either before or after the JavaRanch account) and the attacker is using that password to exploit other accounts. I'd recommend changing all your passwords on any accounts you have that used the same password.
It's also possible your system has some sort of virus which puts things in your copy/paste buffer without your realizing it. Seems unlikely, but it couldn't hurt to give your system a thorough virus scan if you haven't already. A good free antivirus program is AVG, available here. (If you do find anything which might account for your problem, please let us know.)
We're not currently aware of any particular problem with security here, and you're the first person to report a problem like this. But I suppose it's possible someone has found a problem. Let's just say that, having looked at the insides of the Perl code which the forums run on, it wouldn't surprise me at all if someone found a bug. :roll: (We're working on a modern Java-based replacement under our own control.) If we do get more info about a bug, I doubt we could publicly discuss it here. Not much anyway - can't tell everyone else how to make the attack. However, anyone who has additional infomation, or finds that their own account seems to be tampered with, should contact us privately. I'd recommend sending an e-mail to my address listed here. Actually it would be helpful if you don't edit your account info to fix the problem, until after we look at it.
Hope that helps...
 
Pradeep bhatt
Ranch Hand
Posts: 8933
Firefox Browser Java Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Actually it would be helpful if you don't edit your account info to fix the problem, until after we look at it.

Do you track the changes made?
 
Jim Yingst
Wanderer
Sheriff
Posts: 18671
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Some info may be available. Can't really discuss in detail.
 
Joy Jade
Ranch Hand
Posts: 81
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks
 
Dixon Alexander
Ranch Hand
Posts: 48
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Huh,
Thanks for looking out for us...
Don't share anything that might implicate members :-)
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!