Northwest Kiteboarding
Forum | Classifieds | Lost & Found | CGKA | Industry | Sensors | Forecast | Spots | Seattle | Decals | RSS | Facebook

Events | Photos | Search | Register | Profile | Log in to check your messages | Log in 

NW Kite Hackers

 
Post new topic   Reply to topic    Northwest Kiteboarding -> Gorge / Portland / Oregon Coast
previous topic :: next topic  
Author Message
moondog

Since 15 Aug 2007
556 Posts
white salmon
Addicted

CGKA Member


PostSun Aug 04, 19 6:19 am    NW Kite Hackers Reply with quote

I'm wondering if there is an solution to keep the barrage of hackers off this site. This year seems unusually prolific, they must be preparing for our 2020 election!
_________________
moondog

View user's profile Send private message Send e-mail
Venturedsome

Since 08 Jul 2011
624 Posts

Instructor



PostSun Aug 04, 19 8:18 am     Reply with quote

The phpBB software running is old, really old. Attempts to upgrade have been difficult. The phpBB forum software and database are easier than the nwkite skin/theme that was heavily modified. I ran out of time Sad Maybe some new blood with more time can contact phil to give it a go?

Dan

_________________
www.venturedsome.com
www.freeridekiting.com

View user's profile Send private message Send e-mail
WindSki

Since 14 Dec 2012
335 Posts
Portland
Obsessed



PostSun Aug 04, 19 3:01 pm     Reply with quote

FYI
I'd donate $$ if needed

View user's profile Send private message
shred_da_gorge

Since 12 Nov 2008
826 Posts

Opinionated



PostSun Aug 04, 19 3:05 pm     Reply with quote

It's all Kip's fault... Wink

View user's profile Send private message
wylieflyote

Since 30 Jun 2006
1418 Posts
Puget Sound & Wa. Coast
XTreme Poster



PostSun Aug 04, 19 3:11 pm     Reply with quote

shred_da_gorge wrote:
It's all Kip's fault... Wink


gEEZ... Because of this NWkite advice I hardened up my Firefox with a ton of tweaks. Sucks trying to remember passwords again. I have a rapidly aging brain. Smile

_________________
CGKA Member
-------
Kip Wylie

View user's profile Send private message
shred_da_gorge

Since 12 Nov 2008
826 Posts

Opinionated



PostSun Aug 04, 19 5:56 pm     Reply with quote

Passphrases my friend. Longer is better (that's what she said), so make it easy on your brain. Mix cases and run stuff together; throw some numbers in instead of spaces (you can just change the numbers in case you need to rotate). Bury a contextual keyword in the phrase specific to the site you're signing up for so you're not using the same passphrase everywhere. 15 characters might seem like it would be hard to remember, but when done properly it's much easier than 8 random individual characters... create a memorable 'template' for your passphrases. Most password hacking is done with scripts and algorithms, not human analysis (by dark figures in hoodies).

View user's profile Send private message
bigjohn

Since 13 Mar 2012
438 Posts

Obsessed



PostMon Aug 05, 19 6:03 pm     Reply with quote

www.lastpass.com
_________________
Kiting starts at 40MPH

View user's profile Send private message
shred_da_gorge

Since 12 Nov 2008
826 Posts

Opinionated



PostMon Aug 05, 19 8:55 pm    OT: BreezeBy Reply with quote

Speaking of hacking, I was on the Port of Hood River BreezeBy site today and selected "Remember Me". Stored my password in cleartext in a local cookie. How rookie!

Update: I informed them and they plan to fix it in the next release. If you've used this feature, I recommend you find where the "password" cookie is stored for the site and delete it. Your credit card info should be safe from disclosure because it's stored with Verisign and not actually printed out with your account info. Kudos to them for taking security seriously.

Last edited by shred_da_gorge on Tue Aug 06, 19 6:41 pm; edited 1 time in total

View user's profile Send private message
deminimis

Since 15 Jul 2014
287 Posts
On the Rocks
Obsessed



PostTue Aug 06, 19 1:27 pm     Reply with quote

If you would, please drop me a PM when you find NEW ones and I'll delete the post and block the user. It's like playing whack a mole. Cleaned up much of what was left on here, so just new posts please. Thanks!

View user's profile Send private message
Jonpnw

Since 22 Jul 2010
1219 Posts
Pacific Northwest
XTreme Poster



PostFri Aug 09, 19 4:06 pm    Holy Shit !! Reply with quote

We must tighten the hatches ? The moles are going f*cking crazy . What can we do?
_________________
Slingshot | Ride Engine |Try before you buy | PM me


Join the Columbia Gorge Water Sports Association. http://gorgewindsurfing.org/

View user's profile Send private message
bigjohn

Since 13 Mar 2012
438 Posts

Obsessed



PostFri Aug 09, 19 9:47 pm     Reply with quote

No new accounts without a referral.

I don't know what it would take to change the signup process but it seems to me that since the focus of this site is Gorge/Portland/Oregon Coast that anyone who wants to sign up for an account and doesn't already know somebody should be able to contact local kiteboarding schools and shops to get a referral.

It might be nice to have a sticky with a list of such sources just for the newbes to the sport.

_________________
Kiting starts at 40MPH

View user's profile Send private message
shred_da_gorge

Since 12 Nov 2008
826 Posts

Opinionated



PostSat Aug 10, 19 8:01 am     Reply with quote

I don't like the referral idea because it prevents people planning to visit the area from commenting because you have to be signed up to PM someone to ask to refer you to sign up - Catch-22.

How hard is it to implement CAPTCHA on signup?

http://www.captcha.net/

"I am not a Robot"...

There are other solutions out there; my company uses a commercial solution where you're presented a picture and then you drag and drop the matching picture into a box. You could program your own where you present a static photo and have a multiple choice radio box answering the description of what's in the photo. Even without rotating images/answers you will likely prevent a great deal of this crap - get your account creation hard to automate and you'll solve this problem with the 80/20 approach.

I don't have spare time to program anymore but I do have some spare money to help solve the problem and I'm sure I'm not the only one. What help do you need?

View user's profile Send private message
lineman

Since 05 Feb 2009
130 Posts

Stoked



PostFri Aug 16, 19 6:46 pm     Reply with quote

Does anyone know what these hackers are trying to accomplish?
They have made their way to Ikite also....

View user's profile Send private message
morecoffee

Since 24 Aug 2011
13 Posts

 



PostFri Aug 16, 19 8:09 pm     Reply with quote

lineman wrote:
Does anyone know what these hackers are trying to accomplish?
They have made their way to Ikite also....


Contextual relevance for the link they're spamming. They give zero fucks about nwkite or kiteboarding, it is just getting their selected text out there with the hyperlink in locales that search engines weight greater than zero.

It's like when someone tags the emergency exit of your apartment building. You gotta be out there the next day with the goof-off or paint roller, otherwise more tags accumulate.

Last edited by morecoffee on Fri Aug 16, 19 9:15 pm; edited 1 time in total

View user's profile Send private message
deminimis

Since 15 Jul 2014
287 Posts
On the Rocks
Obsessed



PostFri Aug 16, 19 8:28 pm     Reply with quote

I've changed registration. Now requires admin approval and a code when registering. Hopefully that will stem the tide.

I tested it out. Works. That should be that (for now). Other Admins: New accounts require approval. We all will get emails as needed. ONLY click the link if approving the request. Since a code is now required when registering a new account, we should immediately see a drop in Bot registrations.

Manual registrations are still a problem. Other admins, please just check the user name before approving. Already getting those attempts.

Fingers crossed.

View user's profile Send private message
Post new topic   Reply to topic    Northwest Kiteboarding -> Gorge / Portland / Oregon Coast All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum