Your attention is desired regarding a security issue

[Vene]

...Faust assumes there are no womens on the internets ITT...

/being a real shit today, sorry...

Womens have mandatory sex changes when they log onto the internet.

170% troof (which is 1% more troof than 169%)

[Faust]

Wait. Why the hell does Enki have data like this?

Because you and every other registered user can. Its not THAT major an issue, but it was one that needs to be addressed.

What exactly did Enki do, if you can say without compromising securitay.

Put simply, he hosted a file on his server that contained data only a Logged in member here should be able to see, such as msn, aim or contact emails, thus making them publicly available on google.

It seems you don't think it was malicious.

Can you say why or why not?

Because the thread was printed in its entirety and was placed in a folder called stories. There is no problem with someone saving a thread to stick it in a hope chest for better days or whatever as long as its not put out into the public domain.

[Payne]

http://www.principiadiscordia.com/forum/index.php?topic=20535.0

Yeah, I was wondering why I was receiving much more spam than usual, but I only shrugged my shoulders said something like "meh" and then pressed delete. (well, after taking advantage of some REALLY good deals).

Payne
Eve
Fred
Richter
The Other Anonymous
Hoopla
Hawk
the TGRR account (currently unused)
P3nT
LMNO
Nigel
Burns
Jenne
BDS
RWHN
the Cain account (currently unused)
Cram
Honey
Sheered Völva    ( )

are all that posted in that thread.

danke

NP, maestro.

Reckoned when it came to making these kind of announcements I should help out.

~~~Payne: Finding ways to become less of a Freelance Bum for at least a couple weeks now.

[Payne]

And yeah, I doubt Enki was being malicious. Just being Enki. ie; All wrapped up in his own awesomeness and missing little details here and there.

I'm in much the same boat as RWHN, here. The hotmail account I set up for PD'ing is fine for trashing with spam. It's the one I use for anything that might end up giving me fucktons of spam anyway. I would have imagined that'd be the same for anyone who is making these details available to logged in any and all members of PD in the first place, though of course I may be wrong.

[the last yatto]

spags should know better to host files without previewing them,

speaking of which HEY LIZARD DID YOU get the newer inttermitten nine uped yet?

[Triple Zero]

What exactly did Enki do, if you can say without compromising securitay.

Put simply, he hosted a file on his server that contained data only a Logged in member here should be able to see, such as msn, aim or contact emails, thus making them publicly available on google.

It seems you don't think it was malicious.

Can you say why or why not?

It was just a literal save of a thread. just as you would get when you press ctrl-S in your browser*. The thing is that includes the email and IM links, which you can normally only see when you are logged in. So if you save a thread like that, you shouldnt put it on the internet without stripping those email and IM links from it.

*except the HTML tags were stripped from it

[Faust]

I think this has served its purpose, I'm going to de-sticky it this evening.