Please update the forums

Unless one uses the same password on other sites (banking for example) that one uses here, there isn't much risk.

There are other valid reasons for upgrading the forum, namely, the user experience (such as a fully responsive site for phones and tablets, drag/drop of image uploads, etc.)
 
tom.w.bn said:
I don't use the buy and sell section here. No relevant personal information there?
Click to expand...

No, since the RFF only accepts Paypal as payment for ads. Paypal does not reveal credit information to a seller.

splitimageview said:
Unless one uses the same password on other sites (banking for example) that one uses here, there isn't much risk.

There are other valid reasons for upgrading the forum, namely, the user experience (such as a fully responsive site for phones and tablets, drag/drop of image uploads, etc.)
Click to expand...

The RFF is working on a major upgrade, so your point has been considered. 🙂
 
There has been publicity recently around hacks of boards:
http://www.pcworld.com/article/3095...n-leads-to-ubuntu-forums-database-breach.html
for example.
As is made clear even accessing e-mail addresses alone can lead to users being targeted with phishing mails. I would rather there was no complacency such as "nothing really" as although I do not some members, and I know it is not admins duty to protect them, will use passwords here that could be exploited elsewhere.
 
Stealing zillions of login credentials from this board IS an issue.

Even though all the above comments are true:
- some RFFers will be reusing passwords.
- hacker could make better connection of screen name to real name for lots of purposes
- owners credentials could be taken, enabling RFF server to be used for bad acts

The lesson is to keep things up to date.

Now, everyone is using a UNIQUE & COMPLEX password here, right?

All of you are taking updates on your PCs and especially your web browser immediately, right? Automatically is best?

And, finally, you are all using a password manager program, right?

These are today's good security practices.
 
ColSebastianMoran said:
Stealing zillions of login credentials from this board IS an issue.

Even though all the above comments are true:
- some RFFers will be reusing passwords.
- hacker could make better connection of screen name to real name for lots of purposes
- owners credentials could be taken, enabling RFF server to be used for bad acts
Click to expand...

I have used many personal servers. The only one that was hacked by installing a rootkit was rented from DELL, and as I remember managed by a Sprint data center. In that case the hacker took over many machines.

I don't believe any individual programmer can protect a server, that is why I stopped hosting completely 15 or so years ago, I just did not want the liability. I don't personally worry much about computer hacking, but I see social engineering as more of a problem for individuals. You are certainly right about using the same password everywhere.

But many machines, especially unused university Unix and Windows machines are hacked not by humans but bots. They don't want credentials they want your machine for a botnet. Sure updating VB helps, but oddly the latest version is likely to be open to more zero day attacks, than a system where all the vulnerability in a system is well known. So security updates are important, version upgrades not always good.

Protecting yourself, not easy -- you do what you can. I worry more about my banks than the RFF, or even Facebook, or Twitter. I suggest never putting a real "mother's maiden name" on a server, or using anything but a sentence as a password, but it may all be my personal voodoo. Be careful of password apps, some are poorly encrypted, or outdated. I personally prefer encrypted folders of my own.
 
ColSebastianMoran said:
The lesson is to keep things up to date.
Click to expand...

Well, sort of. In fact, and very much to the contrary of the marketing blurb in the originally linked site, rented servers are the ones most at risk, as they come with many extensions not needed (and hence not controlled by the user), and are subject to bulk attacks against thousands of servers - it is the five day old breach in the most common and popular platform that will see almost all attacks. A lonely server using a outdated, unfashionable software platform kept tightly updated with security fixes is about the most secure server you can have.
 
sevo said:
Well, sort of. In fact, and very much to the contrary of the marketing blurb in the originally linked site, rented servers are the ones most at risk, as they come with many extensions not needed (and hence not controlled by the user), and are subject to bulk attacks against thousands of servers - it is the five day old breach in the most common and popular platform that will see almost all attacks. A lonely server using a outdated, unfashionable software platform kept tightly updated with security fixes is about the most secure server you can have.
Click to expand...

I was not so precise, but those were my exact experiences over the years.

e.g. Ancient Perl apps we wrote as MySQL front ends were never bothered. 🙂 You can't beat a bespoke app, without useless extensions.
 
A move is underway in the background to Xenforo.

What is taking time is not the forum discussions move, but having proper gallery and classified software, plus a home page similar to the home page RFF has now.

We are having to write our own Xenforo add ons.

Stephen
 
Thank you to the team behind the planned changes it seems my and others concerns are understood and your feedback is appreciated.
 
It's pretty easy to dedicate an email address for forum use.
I have one for all the forums I log into. (all 3)
They are not synced to any devices or purposes.
It's not an airtight security measure but does give some piece of mind.
It's never completely safe online but really neither is having a snail-mailbox.
 
You must log in or register to reply here.

Similar threads

F
The Lens Repair Apocalypse: Repair Shops INUNDATED with work, and will get worse.
2 3
Replies
55
Views
4K
WoodallP
WoodallP
J
  • Article Article
What exactly is a point & shoot camera? Glad you asked!The Kodak of 1888 may have been the first, and even Leica got into the act!
Replies
17
Views
873
Mos6502
Mos6502
J
  • Article Article
The Rise, Fall, and Resurrection of the 110 Format By 2009, 110 was kaput. Lomography brought it back! Part 2: A selection of fascinating 110 cameras.
2 3
Replies
41
Views
4K
Timmyjoe
Timmyjoe
J
  • Article Article
What's happening with Photographic Film in 2025? Is this robust niche still growing?
2 3 4
Replies
71
Views
7K
wlewisiii
W
renguney
Russar 20mm F5.6 - Viewfinder - CLA of the mounting part for archival
Replies
3
Views
438
renguney
renguney
Back
Top Bottom