Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Website security


  • Please log in to reply

#1
AquarianEssence

AquarianEssence

    Member

  • Member
  • PipPip
  • 15 posts
Hi. I wasn't sure which forum this fit in so chose here. I frequently visit a forum to give charitable time and have noticed some weird things that makes me doubt the safety or security of the site. They have a free service there where registered members can create astrological charts, which of course, contain birth data. People have had problems where the wrong chart gets posted or they click on someone's link posted in a forum thread and it shows one of their own charts that has never been posted publicy by her. The administration claims it is only showing that way on her screen, not in public and is a simple glitch in the software or her computer. I receive many private messages there and when I am replying I often see someone else's pm title of the body of someone else's message shown below the reply window. So far they seem to be going to the person intended but a different title or subject line may appear. So far the admin hasn't replied to inquiry to these problems. Some time ago 200 pms were deleted within a matter of 2 minutes, coincidentally within an hour of someone contacting me for a private paid consultation. :) The admin claims the action came from my computer but I am sure that isn't true. This is the only place it ever happened and there was no activity going on from my activity at the time of the deletion. They sent me a log of the activity trying to convince me I had a hacker but I ran every scan available and nothing to show this is so. Again, no problem with any other site.

So, my question is, are people's private data safe at this site and what might be causing these problems. Thanks for any ideas or comments.

Connie
  • 0

Advertisements


#2
CamTheMan

CamTheMan

    Member

  • Member
  • PipPipPip
  • 222 posts
Hi Connie, I'm Cameron :) I noticed you weren't getting any responses maybe I can give you some advice.

Edited out a software link to a product that is unknown and not yet commercially available.

Another hing to try and do which is important is always keep your forum up to date when a upgrade or patch comes out for it install that upgrade or patch. Also what forum are using? Vbulletin,Invision Power Board,phpbb,etc..? I think problems like are in the forum coding and make of it. I would think a hacker has worse things to do to a site rather then sending out PMs and deleting them and what not....

Hope it helps,
Cam

Edited by sari, 23 April 2008 - 04:12 PM.

  • 0

#3
AquarianEssence

AquarianEssence

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Hi Cameron. :) So nice to meet you. It isn't my forum. It belongs to Astrodienst I think they must write there own software because I don't see it powered by anyone, only a copy write notice at the bottom for Astrodient. I volunteer some times there doing readings for people and teach the craft. So it is probably do to their code then? How would they delete all my pms accidentally with code? It only happened once and to no one else as far as I know.

Thanks for the link and reply. :)

Connie

Edited by AquarianEssence, 23 April 2008 - 12:24 PM.

  • 0

#4
Major Payne

Major Payne

    Retired Staff

  • Retired Staff
  • 5,307 posts
No particular answer to your question, but just wondered if the site's URL started with https:// when you were suppose to be on the secure parts of the site and/or if it has a certificate? Really sounds like somebody hasn't got all their ducks in a row for allowing people to share or not share what is suppose to be secure data. The databases may be open to anyone even though some parts not set to public should never get loaded to anyone's computer.

Curious Ron
  • 0

#5
CamTheMan

CamTheMan

    Member

  • Member
  • PipPipPip
  • 222 posts

Hi Cameron. :) So nice to meet you. It isn't my forum. It belongs to Astrodienst I think they must write there own software because I don't see it powered by anyone, only a copy write notice at the bottom for Astrodient. I volunteer some times there doing readings for people and teach the craft. So it is probably do to their code then? How would they delete all my pms accidentally with code? It only happened once and to no one else as far as I know.

Thanks for the link and reply. :)

Connie

Nice to meet you too (:

When i said code I meant like the make up of the forum like you write lines of code in the form of php files and other types on a server which operates the forum and all those lines of code functions the forum.

Only thing I could think of the PM deletes is maybe someone got their way in the admin panel maybe and manually deleted the PMs, this would be even easier if they custom built the forum like you suggested, There could be alot of bugs and ways to get inside and manipulate the forum depending on the person who built it and his/her knowledge and experience. I've never built a forum or any of that I've just owned a couple forums and messed with code and modifications etc for it. If it was me and weird things kept happening I would talk with the owner about putting something that is pre-made and is proven to be stable from vonurablities. I recommend http://invisionpower.com/ I've used it before it's easy to use and customize.

Hope this helps....
  • 0

#6
AquarianEssence

AquarianEssence

    Member

  • Topic Starter
  • Member
  • PipPip
  • 15 posts
Thanks. Yes, I understood what you meant about the code. I just said it goofy. The only person what would gain by deleting my pms is the owner and they claim I did it. I think you're right though, with the other problems. They wrote the software and it has vulnerabilities so it mixes things up. They probably haven't responded to people making them aware because they haven't discovered where the problem is coming from to be able to fix it. At least I have more understanding now. Thank you.
  • 0

#7
CamTheMan

CamTheMan

    Member

  • Member
  • PipPipPip
  • 222 posts
Your welcome :)

Major Payne and I will be here for you need any help on this just post back.

Thanks,
Cameron
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP