Privacy issue resolved — explanation and post-mortem

Discussion in 'Forum News & Announcements' started by symplecto, Apr 20, 2017.

  1. symplecto

    symplecto (╯°□°)╯︵ ┻━┻ Staff Member

    Messages:
    4,859
    Likes Received:
    7,822
    Joined:
    Jul 11, 2014
    User ID:
    781,848,243
    What happened?

    Two days ago many users (myself included) started noticing a strange and perturbing bug with PF: randomly ending up logged in as another user who was currently using the site.

    As a result, we encouraged all users to log out of PF. This message was shared across the various Discord and LINE groups associated to PAD. I also spammed every subforum here with a "please log out" thread (which has since been deleted).

    How did this happen?

    This was not the result of malicious outside activity (i.e. hacking).

    As many of you know, PF has recently suffered significant downtime. As a result, last week the forum was switched over to new servers. The problem is due to a bug with engintron part of the new hosting software. You can read more about this here.

    What should I do now?

    It is unfortunately not possible to tell whether your account was accessed by another user. There is no need to change your password, but of course if you would like to then it can't hurt (it can never hurt to change your password!) If you have specific concerns about your account being accessed, please send me (or any other members of the mod team) a private message.

    On behalf of the forum administrator, and from all of us, we are very sorry that this happened. Thank you everyone for your understanding.

    --- The mod team.
     
    recife, tanpopo, Tsubakura and 18 others like this.
  2. Zaku

    Zaku Delete Kirin off your friendlists

    Messages:
    1,481
    Likes Received:
    1,452
    Joined:
    Dec 7, 2013
    PADherder:
    link
    I can't complain about actually being informed about the downtime this time around :^)
     
    YamaKyu, Tachii, nickjr and 4 others like this.
  3. Reni

    Reni Recchi is l-lewdddd

    Messages:
    1,360
    Likes Received:
    3,345
    Joined:
    Mar 15, 2014
    User ID:
    ᴺᴬ 315,091,284
    PADherder:
    link
    Glad everything was fixed and the forum runs smoothly now. Thanks Symp for the hard work! :) :tamadra:
     
  4. ArmYgeddon

    ArmYgeddon Comeback King

    Messages:
    960
    Likes Received:
    762
    Joined:
    Oct 13, 2015
    User ID:
    777,141,266
    PADherder:
    link
    *insert sarcastic comment about how symp sucks and that pf is ded, eu is ded, pad is ded*
     
    nickjr, Bluecheese, Myrcilium and 2 others like this.
  5. LaconicLeaf

    LaconicLeaf Explorer

    Messages:
    1,267
    Likes Received:
    144
    Joined:
    Jun 28, 2014
    User ID:
    361,619,372
    PADherder:
    link
    Bugged server mechanics. o_O
     
    LazarusPD, Tsubakura, nickjr and 5 others like this.
  6. Majora

    Majora Tilted off the face of the Earth

    Messages:
    773
    Likes Received:
    315
    Joined:
    Sep 23, 2014
    User ID:
    383,638,383
    Nice to see everything back to normal. Thanks staff members for all your efforts :D
     
  7. Derpinator

    Derpinator The Derpiest

    Messages:
    12,187
    Likes Received:
    4,901
    Joined:
    May 13, 2014
    User ID:
    374,010,307
    PADherder:
    link
    Why would you tell me to logout when I could have potentially logged in as Flanders? #sympworstmod #goback2eu
     
    LazarusPD, recife, Tsubakura and 5 others like this.
  8. symplecto

    symplecto (╯°□°)╯︵ ┻━┻ Staff Member

    Messages:
    4,859
    Likes Received:
    7,822
    Joined:
    Jul 11, 2014
    User ID:
    781,848,243
  9. Deft

    Deft SR388-resident

    Messages:
    764
    Likes Received:
    741
    Joined:
    Oct 16, 2015
    Thanks for the explanation and solution !

    one last question:
    could they send private messages ?

    ( Need to be sure those naughty message's from @*A44 were the real deal.... )
     
  10. symplecto

    symplecto (╯°□°)╯︵ ┻━┻ Staff Member

    Messages:
    4,859
    Likes Received:
    7,822
    Joined:
    Jul 11, 2014
    User ID:
    781,848,243
    @Deft no, they were the real deal ;)
     
    Deft likes this.
  11. TheSeiferOne

    TheSeiferOne Spiral Fist Star Angel Event Manager

    Messages:
    1,881
    Likes Received:
    1,084
    Joined:
    Mar 20, 2013
    User ID:
    364 034 295
    PADherder:
    link
    o no someone could see all the porn ive been trafficking via pms
     
    nickjr, Bluecheese and Myrcilium like this.
  12. mtb911

    mtb911 Master Teambuilder, Mediocre player

    Messages:
    1,355
    Likes Received:
    637
    Joined:
    Jan 14, 2014
    User ID:
    325,783,217
    PADherder:
    link
    Thanks to the Mods for all you do. I also appreciate that you responded when I reached out on Discord. I imagine you guys had tons of messages.
     
    nickjr and symplecto like this.
  13. bp1976

    bp1976 Pittsburgh, PA Born and Raised

    Messages:
    1,148
    Likes Received:
    1,109
    Joined:
    Dec 17, 2015
    User ID:
    325088348
    PADherder:
    link
    nickjr and symplecto like this.
  14. Tek7

    Tek7 Well-Known Member

    Messages:
    4,017
    Likes Received:
    2,513
    Joined:
    Apr 27, 2014
    User ID:
    311,707,382
    PADherder:
    link
    I manage XenForo forums for the online communities I lead, so I confess my first reaction to your post was, "Oh, thank the good Lord it's not an issue with XenForo itself."

    But then I felt convicted over my selfishness and realized that it probably took considerable time and effort to identify and resolve this issue.

    From someone who has suffered through more forum, server (e.g. game, VOIP, etc.), and content management system (e.g. WordPress, PostNuke, DotNetNuke, etc.) updates than I care to remember, I tip my hat to the mods and thank you for the time and effort you invest in this community.

    [​IMG]
     
    nickjr, Bluecheese and symplecto like this.
  15. foxwaffles

    foxwaffles Weak to pretty boys

    Messages:
    4,542
    Likes Received:
    4,303
    Joined:
    Oct 23, 2014
    PADherder:
    link
    Thank you so much for the hard work! Relieved to hear that it wasn't malicious or done by someone trying to extract personal information.
     
    nickjr, symplecto and Bluecheese like this.
  16. nickjr

    nickjr Pushbutton kouhai of whale senpais

    Messages:
    827
    Likes Received:
    753
    Joined:
    Jun 29, 2014
    User ID:
    323,009,341
    PADherder:
    link
    Thank you!! :D -dumps hugs onto you-
     
    symplecto likes this.
  17. Flandre

    Flandre Scarlet Devil Staff Member

    Messages:
    2,671
    Likes Received:
    1,564
    Joined:
    Oct 31, 2013
    kumomo, foxwaffles, symplecto and 2 others like this.
  18. MisterDrgn

    MisterDrgn You can't take the sky from me. Staff Member

    Messages:
    15,569
    Likes Received:
    3,405
    Joined:
    Dec 11, 2012
    User ID:
    314,332,299
    Yeah, this kind of thing is basically out of the mods' hands, as only the admin can fix it. But symplecto helped out a lot, in terms of communicating with the admin, testing potential fixes, and keeping people informed.
     
    Seanna, kumomo, foxwaffles and 3 others like this.

Share This Page