New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Ubuntuforums.org hacked
There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated regularly with progress reports.
What we know
- Unfortunately the attackers have gotten every user's local username, password, and email address from the Ubuntu Forums database.
- The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu
Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP.
- Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.
Progress report
- 2013-07-20 2011UTC: Reports of defacement
- 2013-07-20 2015UTC: Site taken down, this splash page put in place while investigation continues.
Comments
sad to see this
What software were they using? Or did they have their own forum software?
A security breach other than the spyware Ubuntu puts in its bloated 12.1/13.04 distro to track users' desktop searches?
vBulletin
Really glad that my password was something like eYhn14%HS#L@TNC@%kAdTsPnm6sGRuq2*4b
whew..
#edgy
I don't find that too worrying considering you can turn that off and the US government is probably at Google, Facebook and many other places snooping around where they shouldn't.
hell i cant even remeber visiting that forum and yet i get an email from them regarding the breech. Mustve been back in 2005
#yolo #swag
Sucks, I was just about to install on my older desktop or laptop.
How do you want to install a forum installed on some remote server on your desktop?
That's too bad. However, I don't think the UbuntuForums is ran by Canonical, is it?
Good thing it was not an important forum... i.e. https://bbs.archlinux.org/
It is.
Domain whois:
I can't disagree with that. Life of an average arch
masochistuser without SUPPORT forum would be living hell :P/joke ;-)
Ubuntu was using proprietary vbulletin software? Quite ironic isn't it?
No?
You don't see the irony in an open source project using proprietary software for its support forums?
There is no open source alternative to vB, therefore they is also no irony in using it.
Right tool for the job. As much as I am one of the biggest opensource advocates you will meet, doesn't always mean it is the right choice. If proprietary fits better than oss then proprietary will be used.
@gsrdgrdghd sure there is. mybb, phpbb, punbb, smf etc. There is a long list of alternatives.
Alternatives to vBulletin. Not "forum software".
@awson said:
vbulletin is forum software and these are the open source alternatives. Ubuntu can build a linux distribution so it sure as hell can build a site on open source forum software.
Show me one forum the same size as Ubuntuforums that uses phpBB oder myBB
I don't know exact size of ubuntuforums as it's down however there are some quite big phpBB forums like:
http://forums.mozillazine.org/ - Total posts 4508062 • Total topics 847009 • Total members 397212
http://www.bokt.nl/forums/ - Totaal posts 84.634.441 | Totaal topics 1.675.934 | Totaal leden 224.322 (!!!)
http://forums.southparkstudios.com/forum/ - Total posts 677032 | Total topics 22138 | Total members 726504 |
http://forum.ubuntu-it.org/ - Totale messaggi: 4384266 • Totale discussioni: 513913 • Totale iscritti: 160233
http://forum.joomla.org/ - Total posts 2797778 | Total topics 670262 | Total members 613865 |
http://forum.sky.it/ - Totale messaggi: 7383465 • Totale argomenti: 371305 • Totale iscritti: 671300
https://forums.virtualbox.org/ - Total posts 257995 • Total topics 54492 • Total members 65769
http://forums.xkcd.com/ - Total posts 3310439 • Total topics 59179 • Total members 304566
http://forums.gameservers.com/ - Total posts 255128 | Total topics 45059 | Total members 66400
http://www.hbgames.org/forums/ - Total posts 775411 | Total topics 53981 | Total members 40807
http://www.conquerclub.com/forum/index.php - Total posts 3767391 • Total topics 125242 • Total members 637709
http://arstechnica.com/civis/ - 14 million posts (!!!)
(those are random pick, there could be some bigger)
I'm part of a project with big numbers, moving away from vbulletin was something I'd rather we hadn't done - but we needed more flexibility. We evaluated most of the open source offerings and myBB came out on top.
However I noticed pretty much all of them seem to use more resources and are slower than vBulletin was.
Members have made a total of 1,440,000 posts in 155,000 threads.
We currently have 146,600 members registered.
The most users online at one time was 5,000
So many "hacks" running around these days.
Mybb should handle is and its easy to customize.
We are running myBB purely from the customisation point of view - however it uses significantly more resources than vBulletin ever did and isn't as responsive.
Then why not test phpbb or even xen