How secure is the forum?

bitcoin.monger (OP)

Newbie

Offline

Activity: 14
Merit: 0

How secure is the forum?

June 20, 2011, 04:43:24 AM

Since today was not a good day for the Bitcoin community in general and MtGox in particular, I would like to ask a few questions about the security of this forum:

1. How are the passwords stored? What hashing algorithm is used?
2. Who has access to the database?
3. Is the forum vulnerable to attacks? Has it been tested for security holes?
4. Is there anything the users community can do to help?

Please feel free to add or answer any items. Thank you in advance!

1715588907

Hero Member

Offline

Posts: 1715588907

Ignore

1715588907

1715588907


	Report to moderator

1715588907

Hero Member

Offline

Posts: 1715588907

Ignore

1715588907


	Report to moderator

1715588907

Hero Member

Offline

Posts: 1715588907

Ignore

1715588907


	Report to moderator

The forum strives to allow free discussion of any ideas. All policies are built around this principle. This doesn't mean you can post garbage, though: posts should actually contain ideas, and these ideas should be argued reasonably.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.

1715588907

Hero Member

Offline

Posts: 1715588907

Ignore

1715588907


	Report to moderator

theymos

Administrator
Legendary

Offline

Activity: 5194
Merit: 12983

Re: How secure is the forum?

June 20, 2011, 05:26:33 AM

Quote from: bitcoin.monger on June 20, 2011, 04:43:24 AM

How are the passwords stored? What hashing algorithm is used?

It seems to be SHA-1 salted with the username, though I'm not totally sure.

Quote

Who has access to the database?

Gavin, Sirius, and me. Slicehost (and maybe Rackspace) also has access, since they host the server

Quote

Is the forum vulnerable to attacks? Has it been tested for security holes?

It uses SMF plus some mods and a small handful of custom changes. Hopefully SMF is well-tested and able to contain poorly-programmed mods

I did a cursory examination of all mods before installing them, but I certainly don't understand SMF enough to judge their security well.

Quote

Is there anything the users community can do to help?

Tell me privately if there are any security problems. I will fix them ASAP.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD

Bit_Happy

Legendary

Offline

Activity: 2100
Merit: 1040

A Great Time to Start Something!

Re: How secure is the forum?

June 20, 2011, 05:40:13 AM

How secure is the forum?

The default login does not use SSL, you need to manually change to https, how often do you remember to?

A serious question(?) about decentralization. | Homeless Token (HOME) You Can Make Good Honest Money By Helping People In Urgent Need. | +++ Positive Coin +++ Stay Tuned!

gigabytecoin

Sr. Member

Offline

Activity: 280
Merit: 252

Re: How secure is the forum?

June 20, 2011, 10:19:36 AM

Quote from: Bit_Happy on June 20, 2011, 05:40:13 AM

How secure is the forum?

The default login does not use SSL, you need to manually change to https, how often do you remember to?

Hrmmm why is this?

Pages: [1]

Bitcoin Forum > Other > Meta > How secure is the forum?

« previous topic next topic »