• Sign up or login, and you'll have full access to opportunities of forum.

Ralphus's site "GIMP Forum" hacked

Go to CruxDreams.com
SkatingJesus

SkatingJesus

King of the Crux Hill
Hi everyone.

I don't know if some of you often go to ralphus.net, but it seems that the site had been hacked a few hours ago.
And for obvious reasons, I don't think these 2000$ would end in something like a coronavirus fund...

Hope this forum won't get hacked too in a near future... :(

SJ
 

Attachments

  • ralphus.jpg
    ralphus.jpg
    119.8 KB · Views: 304
SkatingJesus said:
Hi everyone.

I don't know if some of you often go to ralphus.net, but it seems that the site had been hacked a few hours ago.
And for obvious reasons, I don't think these 2000$ would end in something like a coronavirus fund...

Hope this forum won't get hacked too in a near future... :(

SJ
Click to expand...

That’s scary!
 
Eulalia said:
A worrying piece of news - thanks @SkatingJesus

Ralphus's site "GIMP Forum" hacked

Hi everyone. I don't know if some of you often go to ralphus.net, but it seems that the site had been hacked a few hours ago. And for obvious reasons, I don't think these 2000$ would end in something like a coronavirus fund... Hope this forum won't get hacked too in a near future... :( SJ
www.cruxforums.com

Cruxers all - please let us staff know if you spot anything suspicious here.
Click to expand...
As a detective, I have to say that EVERYTHING here is suspicious!:r:
 
Eulalia said:
Cruxers all - please let us staff know if you spot anything suspicious here.
Click to expand...
Not really a report on suspicious activity, but I believe it'd be better if we can move to HTTPS. For non-technically oriented people, not using HTTPS means that any data (including your login information) you send to the server can be read by anyone in the same network.

As such, it became almost a norm nowadays for websites to use HTTPS to prevent such a problem, so I think it could be prudent to consider adopting the same approach, if we are concerned about potential security breaches like that.
 
fallenmystic said:
As such, it became almost a norm nowadays for websites to use HTTPS to prevent such a problem, so I think it could be prudent to consider adopting the same approach, if we are concerned about potential security breaches like that.
Click to expand...
HTTPS will not protect against direct attacks on the server infrastructure (such as admins failing to apply Linux kernel patches) but definitely help with many other issues.

And of course it's true that the technical consensus today is to use HTTPS for everything, and to phase out HTTP in general.

I've tried to make the argument for that in the past, beginning here, http://www.cruxforums.com/xf/thread...a-current-member-youll-find.7720/#post-491531

but there is a strong anti-HTTPS consensus in the admin team and since they call the shots, that is how it is going to be.
 
malins said:
but there is a strong anti-HTTPS consensus in the admin team and since they call the shots, that is how it is going to be.
Click to expand...
I don't think that's the case - in truth it's not a matter on which we 'call the shots', though we can draw the site-owner, Image Maker's, attention to the question. But he pays the bills and deals with the service provider, XenForo, and any such change would be for him and them to agree on and implement.
 
I have got this Information from Ralphus:

„Hi Z

Thanks for writing. Yes, we were hacked yesterday by cyber-terrorists demanding money. I have web.com working on attempting to retrieve an older version of the site so it can be restored. The tech thinks there's maybe a 75% chance of success, which still means there's a 25% chance that we're likely gone for good, at least in this format. It's been a stressful time and I don't know how things are going to end. Keep checking in to see if there's any change, and of course, hope for the best.

Ralphus“

Let the Cyber-Gangsters rot in the hell....or better endless roast on the Witch Chair!
 
I believe ImageMaker has things arranged so our site is backed up regularly, if we were crashed, it should be possible to retrieve all but the most recent content, the last fortnight or so.
 
Aside from the security risk, I think the biggest issue of remaining with HTTP could be a negative image it could give to potential new users, especially when we are dealing with such controversial subjects already.

As some of us have noted earlier, it's pretty much a concensus among the IT technicians that HTTPS is a must for any website which demands sensitive information from users like login credentials, and browsers already started showing a warning if a site still uses HTTP:



It's likely that they'll make the warning more prominent in future and may even prevent accessing such a website unless the user explicitly opt-in, like it is the case with websites with broken HTTP certificates currently.

So, I believe it'd be better if we could move to HTTPS sooner than later.
 
You must log in or register to reply here.
Back
Top Bottom