New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I would assume Solus would have alerted their customers if that was the case, or I hope so atleast.
So what was the real cause of all those vpses going down with @CVPS-Chris?
No, just Chris talking BS for a change. Phill had the code audited and found nothing wrong.
Even still, i also have the API's terminate function disabled, its easy enough to turn it on when a termination does come along.
HAH - I've had customers complaining about solusvm api not working with our billing systems and I was actually wondering about my original question. The second question was brought up by someone saying 'NO' - Because there had to be an exploit somewhere and I want to know where.
I know Chris isn't going to tell anyone... thought maybe someone knew someone that knew someone that heard what may have been exploited.
I'm very offended by your reply - you need to take that crap somewhere else.
So you are saying we are never going to know anyway? That's a good observation but you can't know all those things for a fact.
If you are so tired of seeing this on the forum you could go join another forum, and/or leave this thread instead of bashing me.
@CVPS_Chris has explicitly publicly stated that he had proof and could replicate the hacking [Source].
That was 10 days ago. By now i expect that he has handed over the describtion/PoC to Solus.
If he hasn't (either because he doesn't want to or he can't) then this would be yet another big failure of Chris. Maybe @CVPS_Chris or @soluslabs can comment on this?
Being a chicagovps client I do not believe there was a solusvm exploit.I do not exactly know what happened for losing 10 nodes but i do not believe chris has any proof nor he will tell the truth.
little birdie said the proof api also had issues and guess what? Proof also got hacked !!
but wait... it was on Central Backup also.. oh well...
No Autoboot?
It was considerably more than 10 nodes @imperio.
10 nodes = Chicago.
Saw the SolusVM controller get smacked this week too.
Then there have been who knows how many machines in the California cluster that have went haywire this week (1-5 servers by my estimate).
SolusVM exploit? I doubt it.
I'd resume business as usual with the API and let your customers have at it @Corey.
It's sort of dangerous for @soluslabs to comment anything at all at this forum because wherever he appears to explain something he gets attacked by some random hobbyists because some other non related things. I would like to see his comment about this too however maybe he just learned his lesson...
Was it not ~30 nodes?
His initial announcement was just ten nodes.
?
I know that you would enjoy to go into argument, enforcing your own opinion, etc, etc.. but honestly I don't care because strictly speaking about my statement it stand as it is and all rest will go again into trivial explanation "why, how, etc.." enforcing own opinion above others, etc Unless you feel that you're not "hobbyist" and if that's true and you feel insulted by that I honestly apologize you for this part of my statement
Do we all still believe in Santa Claus, the Easter Bunny and the Tooth Fairy?
They are as real as that mythical exploit in Solus.
No proof no cry
They will bring $1/2GB VPS soon.
@pubcrawler Is this your daytime job or you even try doing anything else. Get a life
It was 10, stop bending the truth. This will be my first and last post on this thread.
There was a problem with Solus, what exactly I cannot tell you, as you all know I am not a "tech". The only person that can fully explain it is Jeremiah, and since he has quit I cannot give anymore information as I was only relaying what he was telling me.
If you want to ask anyone what happened, its him, but he cant because of his NDA. So try again in one year? Now please leave my name out of this since I honestly cannot give anymore information.
Regards,
Chris
See, if you had stated exactly this one week ago a lot of unnecessary speculations and drama could have been avoided ;-)
any possibility it was a social engineering attack
Why did Jeremiah quit? Can you give him permission to speak with soluslabs?
Corey, chris already stated that they are talking with SolusVM however SolusVM did not yet confim that there is an exploit nor chigagovps contacted them.There is no evidence to believe what chris tells until SolusVM confirms.And for the jeremiah part i do not believe he is "tech" enough to explain an exploit.
http://i46.tinypic.com/21edvll.png
That is a very odd statement I guess I would have to see the whole ticket.
Chris also stated that Jeremiah is the only one that knows what happened and he has quit now so we have to wait 1 year for his NDA to come off.
@peppr, note that bud and the following!
I told you folks Chris and/or Jon had Jeremiah bent over with this NDA legalese crap.
[see: http://www.lowendtalk.com/discussion/comment/149416#Comment_149416]
8 DAYS AGO!
Seems to me that the NDA is being abused just to silence Jeremiah. These Buffalo folks don't want unmasked.
Jeremiah should go rogue on CVPS and CC. Fact is, both entities squeezed him out of his equity interest in CVPS and who knows what in CC.
Funny, all this talk of CVPS interacting with Solus. The only person with half a brain to describe the attack would be Jere and he's gone and slapped by NDA. So, of course there's no action on problem (if it exists) with Solus. Probably never was any interaction.
Bullshit. There's no way that this NDA covers Jeremiah releasing the details of this SolusVM problem. It's not a trade secret, nor ChicagoVPS's intellectual property or anything like that. And even if it did, Chris could easily say that it's okay for Jeremiah to discuss. Until it's released, I will be assuming that Chris and/or Jeremiah are planning to use it against other hosts, plain and simple.
@Corey Whole ticket : http://i.imgur.com/CedF9.jpg
@NickM, umm yep, I'd be concerned.
I've pointed the finger and asked about the repeated attacks on providers bringing similar competing offers to LEB/LET and their often immediate DDoS attacks immediately after posting their offers publicly.
Something foul is going on.
I am sure there must be more context in the ticket that we are not seeing here, Jeremiah is an excellent tech especially when it came to networking.