View Poll Results: Pointing Out Issues (Even If Annoying to Admins)
Good	7	50.00%
Bad	2	14.29%
Otherwise	5	35.71%
Voters: 14. You may not vote on this poll

Ad:

Geeks' Lounge Discussion Thread
Unsolved
Views: 4347

Page 1
2
3
4
Next

You are currently viewing page 1 of this multi-page discussion thread

Permalink

Aug 3rd, 2007

Ain't Misbehavin'

Expand Post »

Jus' havin' a little fun.

Tonight was most humorous and bewildering to me once again in the chat room.

There are moments there that folks talk the talk and walk the walk, but that is better done in the forums proper.

The chat room is the real lounge, IMO, and it's been a helluva free-for-all. Entertainment there, IMO, has been low-brow but quite excellent. Various technical issues are exposed and pursued with amusement and enjoyment.

For those that know we mean no harm, but relish enjoying the fringe elements of technology at moments, in a place that relatively few visit ATM, what is the problem?

Dash did Daniweb a favor with his exploit in terms of end results. I was a participant in exploring another realm of mischievousness (with others) in advance of a truly malicious person.

Is exposing issues with Daniweb a good thing or a bad thing? The work may suck with regard to fixing things. But I've always valued code testers who stay ahead of my game even though catch-up sucks.

[BTW, Dani, that's kinda what I mean about the "Evil Dave".]

Last edited by Dave Sinkula; Aug 3rd, 2007 at 3:16 am.

Dave Sinkula

Team Colleague

Reputation Points: 2780

Solved Threads: 312

long time no c

Offline

4,790 posts
since Apr 2004

Permalink

Aug 3rd, 2007

Re: Ain't Misbehavin'

So long as no real harm is done, I think finding bugs is extremely beneficial. Especially exploitable ones. Things like the XSS bug recently pointed out are very good to get fixed. Things like Rashakil's rep bot are less important and cause a stir, but I'd label it as mostly harmless (but not necessarily tolerable, entertaning as the fuss was).

Heck, I might have to start coming to the chat room

Infarction

Reputation Points: 683

Solved Threads: 53

Posting Virtuoso

Offline

1,580 posts
since May 2006

Permalink

Aug 3rd, 2007

Re: Ain't Misbehavin'

theres's a chat room?

hbk619

Reputation Points: 273

Solved Threads: 8

Master Poster

Offline

733 posts
since Oct 2006

Permalink

Aug 3rd, 2007

Re: Ain't Misbehavin'

There is an IRC chat:
http://www.daniweb.com/chat/

blud

Moderator

Staff Writer

Reputation Points: 154

Solved Threads: 18

Linux Reject

Offline

570 posts
since Apr 2004

Permalink

Aug 3rd, 2007

Re: Ain't Misbehavin'

Hopefully Dave and Josh aren't going to kill me for posting this - what happened was I was wondering if it was a bug that whenever you change your nickname in the IRC chat, the IRC page shows the member with the nickname you chose active (in other words, if I choose the nickname of "joshSCH" before he logs in, the IRC page would show the member joshSCH as active and posting). Then Josh and Dave changed their nicknames to the other's. Here's a little snippet of the log:

Quote ...

Evil_Dave is now known as joshSCH.
Josh: aw what
Josh is now known as joshSC1.
joeprogrammer: Heh >.>
joshSCH: Uh, hu-huh.
joshSCH: Hey Beavis!
joshSC1: shucks
joshSC1 is now known as Dav1.
joshSCH: I think capitalism sucks.
Dav1: lol
Dav1 is now known as Dav3.
joshSCH: Ree-ligion is my name, God is my game.
Dav3: hi everyone, I'm retarded
Dav3: I can't even spell my name
joeprogrammer: You guys crack me up.
Dav3: I need a smoke
Dav3:
• joshSCH prays for Dav3.
joshSCH: Dav3, have you found Jesus?
Dav3: Yes, I praise jesus without even thinking for myself!
Dav3: I just do what I'm told, and thats that!
joshSCH: Good.
Dav3: yes sir
joshSCH: Good.
• Dav3 bows to the master
Dav3: What is thy bidding, my master?
joshSCH: Stop playing with yourself.
Dav3: yes, sir. I have my woman, here.
joshSCH: Deflate her.

I thought it was kind of funny -- and stupid, but I certainly didn't expect them to get banned. I admit, I left before the whole thing was finished. But Dave does have a point: it's a vulnerability in the system. Exposing it isn't such a bad thing.

John A

Team Colleague

Reputation Points: 2240

Solved Threads: 338

Vampirical Lurker

Offline

5,055 posts
since Apr 2006

Permalink

Aug 5th, 2007

Re: Ain't Misbehavin'

haha.. it's cool, Joe. Yes, Dave and I were playing around a bit in the IRC, and at the same time exposing risks to Daniweb. We were able to change our nicknames, and trick the system into 'thinking' we were different members. While this may be easily uncovered by a simple whois query on our ips, some may still be fooled. I think everyone who registers at Daniweb should automatically have their nick registered in the IRC with the same password as their Daniweb account. And perhaps make people authenticate before using a nick (I'm no IRC guru, so I don't even know if this is possible). Right now this may not be a high priority for Daniweb, but I believe in the future the IRC may become more popular, and thus important to prepare now.

Last edited by joshSCH; Aug 5th, 2007 at 1:35 am.

joshSCH

Reputation Points: 1315

Solved Threads: 10

Banned

Offline

4,845 posts
since Jul 2005

Permalink

Aug 5th, 2007

Re: Ain't Misbehavin'

pointing out potential exploits to admins is fine. Doing so by writing and executing that exploit is definitely NOT fine.

jwenting

Team Colleague

Reputation Points: 1658

Solved Threads: 331

duckman

Offline

7,719 posts
since Nov 2004

Permalink

Aug 5th, 2007

Re: Ain't Misbehavin'

True, but the only way to discover some exploits is by trying it yourself.. Wouldn't it be better if a trustful daniweb member discovered something by testing the system through hacking rather than an unknown, potential threat?

joshSCH

Reputation Points: 1315

Solved Threads: 10

Banned

Offline

4,845 posts
since Jul 2005

Permalink

Aug 5th, 2007

Re: Ain't Misbehavin'

rashakil had to have known the hole existed before he started writing that exploit.
He should have reported that hole (plus possibly mentioning ways to abuse it) rather than execute the exploit.

What he did is the equivalent of breaking a rusty lock, clearing out the house, and leaving a note to the effect that you found that the lock was not secure.

jwenting

Team Colleague

Reputation Points: 1658

Solved Threads: 331

duckman

Offline

7,719 posts
since Nov 2004

Permalink

Aug 5th, 2007

Re: Ain't Misbehavin'

Way to go Joeprogrammer, you wern't even there for the bad part of the conversation which is why I banned them. How about thinking before posting. The one thing that I have to say is that pointing out the system, and abusing the system are completely different.

The comments that were made earlier in the conversation are so unacceptable, I won't even repeat them, as they are childish and stupid.

I am still looking at the possabilities to prevent abuse like this in the future, although, I'm sad that I would even have to consider such measures with our userbase.

blud

Moderator

Staff Writer

Reputation Points: 154

Solved Threads: 18

Linux Reject

Offline

570 posts
since Apr 2004

Page 1
2
3
4
Next

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in Geeks' Lounge Forum Timeline: The Biggest Mathematical Miracle in the World

Next Thread in Geeks' Lounge Forum Timeline: Oklahoma Police Kill 5-Year Old Boy While Shooting at Snake

DaniWeb Message

Cancel Changes

User Name
Password