Bitcoin Forum
December 03, 2016, 12:38:53 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 [4] 5 6 »  All
  Print  
Author Topic: RFC: new forum software specifications  (Read 15246 times)
theymos
Administrator
Legendary
*
Offline Offline

Activity: 2492


View Profile
October 08, 2011, 09:02:20 AM
 #61

theymos, other than the plug-ins and addons that are being used right now that wouldn't work with the update, is there any reason why the board hasn't been updated to the newest release? It has been out for over 3 weeks now and would at least be a hold over until a new system is made/chosen.

This version is still supported. 2.x is not more secure, so moving to it would be a waste of time.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
1480725533
Hero Member
*
Offline Offline

Posts: 1480725533

View Profile Personal Message (Offline)

Ignore
1480725533
Reply with quote  #2

1480725533
Report to moderator
1480725533
Hero Member
*
Offline Offline

Posts: 1480725533

View Profile Personal Message (Offline)

Ignore
1480725533
Reply with quote  #2

1480725533
Report to moderator
1480725533
Hero Member
*
Offline Offline

Posts: 1480725533

View Profile Personal Message (Offline)

Ignore
1480725533
Reply with quote  #2

1480725533
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 09, 2011, 12:57:38 AM
 #62

theymos, other than the plug-ins and addons that are being used right now that wouldn't work with the update, is there any reason why the board hasn't been updated to the newest release? It has been out for over 3 weeks now and would at least be a hold over until a new system is made/chosen.

This version is still supported. 2.x is not more secure, so moving to it would be a waste of time.

Theymos, I say stay with the SMF 1.x, hire a PHP security expert to harden it properly, and build on top of it. That maybe the fastest & most effective solution to current situation.

Of course, PHPBB, vBulletin and IPB are much more powerful and have many more plugins avaiable, but this one is not that bad, if you fix all the security problems. Talking perfomance, using dedicated well-written caching you can probably achieve similiar speed in any of the forum systems.

talpan
Full Member
***
Offline Offline

Activity: 228


View Profile
October 12, 2011, 12:23:42 AM
 #63

theymos, other than the plug-ins and addons that are being used right now that wouldn't work with the update, is there any reason why the board hasn't been updated to the newest release? It has been out for over 3 weeks now and would at least be a hold over until a new system is made/chosen.

This version is still supported. 2.x is not more secure, so moving to it would be a waste of time.

Theymos, I say stay with the SMF 1.x, hire a PHP security expert to harden it properly, and build on top of it. That maybe the fastest & most effective solution to current situation.

Of course, PHPBB, vBulletin and IPB are much more powerful and have many more plugins avaiable, but this one is not that bad, if you fix all the security problems. Talking perfomance, using dedicated well-written caching you can probably achieve similiar speed in any of the forum systems.

+1

In general speaking: the latest SMF is the most secure forum in existens.
I really don't want to know how many zero-day exploits are out there for other forums.

SMF itself is well written, has a lot of good features, not to much like other software.
And it's very easy to extend it via SSI.php.

I see no reason to switch to another forum.
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 12, 2011, 11:18:40 AM
 #64

theymos, other than the plug-ins and addons that are being used right now that wouldn't work with the update, is there any reason why the board hasn't been updated to the newest release? It has been out for over 3 weeks now and would at least be a hold over until a new system is made/chosen.

This version is still supported. 2.x is not more secure, so moving to it would be a waste of time.

Theymos, I say stay with the SMF 1.x, hire a PHP security expert to harden it properly, and build on top of it. That maybe the fastest & most effective solution to current situation.

Of course, PHPBB, vBulletin and IPB are much more powerful and have many more plugins avaiable, but this one is not that bad, if you fix all the security problems. Talking perfomance, using dedicated well-written caching you can probably achieve similiar speed in any of the forum systems.

+1

In general speaking: the latest SMF is the most secure forum in existens.
I really don't want to know how many zero-day exploits are out there for other forums.

Of course you are not aware that Bitcoin Forums has been quite recently hacked, and it was SMF's fault ?

I wouldn't say that SMF is any more secure than other forums. I have had default PHPBB 2.x & 3.x installations on my sites for years, and guess what - no hacks at all.

So be careful when you post such bold claims next time.

Gerken
Member
**
Offline Offline

Activity: 112



View Profile
October 12, 2011, 12:16:35 PM
 #65

He said the latest version, the forum hadn't been updated when the compromise happened.

error
Hero Member
*****
Offline Offline

Activity: 574



View Profile
October 12, 2011, 03:44:06 PM
 #66

He said the latest version, the forum hadn't been updated when the compromise happened.

You realize that SMF put out an update fixing the vulnerability, only AFTER the hack?

15UFyv6kfWgq83Pp3yhXPr8rknv9m6581W
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 12, 2011, 04:19:54 PM
 #67

He said the latest version, the forum hadn't been updated when the compromise happened.

You are wrong, SMF 1.x is still supported, so it was the latest version.

TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
October 12, 2011, 05:02:57 PM
 #68

How often do zeroday exploits get used to attack other forum backends and how fast are their developers at providing a fix after that?

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
bosschair
Member
**
Offline Offline

Activity: 110


View Profile
October 12, 2011, 10:44:13 PM
 #69

So we should add this to the spec for the new forum software:

  • No zero-day exploits and/or architecture which makes it easy and fast to patch such exploits
cruikshank
Member
**
Offline Offline

Activity: 84


View Profile
October 13, 2011, 02:27:12 AM
 #70

You are wrong, SMF 1.x is still supported, so it was the latest version.

Um, just because something is still supported, doesn't make it the latest version. That would be like calling XP the latest version of Windows.

1JvnFCbMXAyeooPggF9snLAeg3A2QVV8eh
TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
October 13, 2011, 02:40:35 AM
 #71

So we should add this to the spec for the new forum software:

  • No zero-day exploits and/or architecture which makes it easy and fast to patch such exploits
Didn't they fix the forum in not much more than a day or so?

Anyway, you can never know whether you don't have a zero-day or if you just haven't found it yet.

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 13, 2011, 07:58:33 AM
 #72

You are wrong, SMF 1.x is still supported, so it was the latest version.

Um, just because something is still supported, doesn't make it the latest version. That would be like calling XP the latest version of Windows.

To be precise, if something is supported, then that means all security vulnerabilities should be fixed.
So it is the latest, in the terms of being most patched, version from 1.x branch.

And Microsoft is a very bad example of how to fix security vulnerabilities, that company is fucked up beyond compare.

cruikshank
Member
**
Offline Offline

Activity: 84


View Profile
October 13, 2011, 08:32:07 AM
 #73

The example didn't have anything at all do at all with MS's vulnerabilities.

1JvnFCbMXAyeooPggF9snLAeg3A2QVV8eh
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
October 14, 2011, 02:06:54 PM
 #74

The example didn't have anything at all do at all with MS's vulnerabilities.

Yes it has, because you gave WinXp as an example.
WinXP is not a good example of how to call something "supported" or not.

Microsofty-supported != generally-supported.

TiagoTiago
Hero Member
*****
Offline Offline

Activity: 616


Firstbits.com/1fg4i                :Ƀ


View Profile
October 14, 2011, 07:19:46 PM
 #75

Just the other day i received like more than 10 security updates on my WinXP install...

(I dont always get new reply notifications, pls send a pm when you think it has happened)

Wanna gimme some BTC for any or no reason? 1FmvtS66LFh6ycrXDwKRQTexGJw4UWiqDX Smiley

The more you believe in Bitcoin, and the more you show you do to other people, the faster the real value will soar!

Do you like mmmBananas?!
BadBear
v2.0
Administrator
Legendary
*
Offline Offline

Activity: 1652



View Profile WWW
October 14, 2011, 07:22:52 PM
 #76

Just the other day i received like more than 10 security updates on my WinXP install...

How many times did you have to restart?   Cheesy

1Kz25jm6pjNTaz8bFezEYUeBYfEtpjuKRG | PGP: B5797C4F

Tired of annoying signature ads? Ad block for signatures
Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
October 14, 2011, 07:37:41 PM
 #77

This thread is pure lulz... 500BTC/$2000(at current prices) to develop a full fledged forum software...

yeah, right...  Roll Eyes

Or you get someone to do it and it will be utter crap.

Why do people around here want to reinvent the wheel is something i always wondered.

On the other hand, if what you want is end up with something like http://bitcoinweekly.com/ ok, code it from scratch...

bosschair
Member
**
Offline Offline

Activity: 110


View Profile
October 14, 2011, 08:34:01 PM
 #78

On the other hand, if what you want is end up with something like http://bitcoinweekly.com/ ok, code it from scratch...
What's wrong with bitcoinweekly.com?  Not enough bells and whistles for you?  The only difference between that site and one you'd think was fabulously web-2.0 is a bit of CSS.
talpan
Full Member
***
Offline Offline

Activity: 228


View Profile
October 14, 2011, 10:58:22 PM
 #79

Why do people around here want to reinvent the wheel is something i always wondered.

Raoul Duke
aka psy
Legendary
*
Offline Offline

Activity: 1442



View Profile
October 15, 2011, 02:45:31 AM
 #80

On the other hand, if what you want is end up with something like http://bitcoinweekly.com/ ok, code it from scratch...
What's wrong with bitcoinweekly.com?  Not enough bells and whistles for you?  The only difference between that site and one you'd think was fabulously web-2.0 is a bit of CSS.

No, I was talking in the sense of re-inventing the wheel... And don't say it's only CSS that's missing. For someone who tries to be a weekly "magazine" of some sort I'm sure that there are a lot of features missing in the backend and frontend.

Pages: « 1 2 3 [4] 5 6 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!