127 Comments
- Tarmas, on 10/12/2007, -1/+32
Direct translation: "a pound of tuft"
Real meaning: "ain't worth *****"
- mikeazorin, on 10/12/2007, -0/+23
http://www.google.com/search?q=%22Viewing+profile%22+%22FuntKlakow%22&hl=en&lr=&start=90&sa=N
More accurate, EVERY single one of them is a profile.
- Mike89, on 10/12/2007, -0/+16
To me, it doesn't look like a "mass hack" at all. For the few posts it's made (on the forums mentioned in the article), it has a signature with a referral URL in it - to get clickthroughs ;). I thought maybe they were trying to raise their Google ranking but it'd seem they just want to get free stuff - no?
- tempusrob, on 10/12/2007, -1/+17
I really despise that "when it's popular, it'll be hacked" logic. It depends on the notion that all software is equally insecure, which is unquestionably not true...
- Flashman, on 10/12/2007, -2/+18
243,000 search results for "FuntKlakow": http://www.google.com/search?q=funtklakow
- gookie, on 10/12/2007, -4/+16
Yeah, and when it's popular enough, it will be the subject of the next hacks. It doesn't make it better. Although I use it as my main forum. Just being fair.
- ufoq, on 10/12/2007, -1/+12
FuntKlakow is a Polish word ;)
- deut, on 10/12/2007, -1/+12
I hear what you are saying and agree with some of what you say.
However....
Have you considered the fact that the very reason phpBB is attacked so often is because of its popularity? It's no different to Win32 viruses in this regard. Hax0rs will aim their code at the platform most likely to spread their code, it's as simple as that.
As for vBulletin, I like it as well. But, do you really think there are *NO* vulnerabilities in it?
- nato64, on 10/12/2007, -0/+11
Holy cow, it registered on my forum this morning! I completely erased him now. He only made one post and it was obvious it didn't have anything to do with what was on the forum. Thanks for the news!
- travis9, on 10/12/2007, -0/+10
a more accurate google search might include the inurl: operator in order to discern actual registered accounts from noise generated about said registered account. I chose to use inurl:viewprofile to only see the profiles for said bot. This may not be accurate but is certainly far better and less alarming than the previous search.
Results 1 - 10 of about 27,100 for funtklakow inurl:viewprofile
www.example.com/forum/profile.php?mode=viewprofile&u=&sid=
http://www.google.com/search?q=funtklakow+inurl%3Aviewprofile
- snapya, on 10/12/2007, -10/+20
Is this a good time for me to recommend that everyone who has a phpbb forum to move to an SMF ( http://www.simplemachines.org/ ) forum it is very easy to migrate to SMF from phpbb. And to all you phpbb users you will not be able to use all the hacks/mods and skins for phpbb in SMF but smf is way more secure!
- emka, on 10/12/2007, -0/+9
funt kłaków = pound of tufts
:)
- Flashman, on 10/12/2007, -1/+9
"Funt" means "pound", but what's "Klakow"?
- thenativeraver, on 10/12/2007, -0/+8
"more visitors to y our web site"
I saw that too, I think it may just be a way to spam forums.
- inactive, on 10/12/2007, -2/+8
Just ban the damn thing, duh!
phpBB is a great forum system, I know that there are other good forums but phpBB is also a very good and robust forum system.
- Emptythought, on 10/12/2007, -15/+21
i hate to say it, and will probably just get thumbs-downed.
but it's your own goddamn fault for using phpbb, I've completely lost count of the number of times it's been exploited.
i can think of 1, maybe 2 when vbulletin has.. and a few more for IPB (mentioned because those are basically the top 3, if you count phpbb)
as has been said earlier in the thread, there are many alternatives and really no upside to using phpbb
- TestFar, on 10/12/2007, -0/+6
in the posts it has made, it looks like it's just being used for advertising on one of those 'make money on the net' schemes.
e.g. http://www.buensoft.com/phpbb/viewtopic.php?p=142&highlight=#142
(in the sig?)
- SniperX, on 10/12/2007, -1/+7
This potential hack has nothing to do with it being open source. It's merely a problem because phpBB is so popular, thus it was the decided target. All they did was write a bot to search for and register to phpBB forums, probably not for potential exploits, but just because it's easiest to write a script/program to register for one particular forum type, and phpBB is one of the more popular.
A solution for this is to implement a good image text verification system.
- serra, on 10/12/2007, -3/+9
I can't wait to see what (if anything) comes of this.
- inactive, on 10/12/2007, -3/+8
I went the other route, decided all the existing forum software sucks. Wrote my own. Have been using it for eight years.
- arrrrrg, on 10/12/2007, -2/+7
In the words of Monty Python: Spam, Spam, Spam, Spam, Spam, Spam, ... Why would you register in advance of unleashing a worm? That doesn't make any sense. This story is just another baseless sensationalist headline that's made it to the frontpage.
- rft3rd, on 10/12/2007, -0/+5
i personally like all the auto post garbage it does.. "ditto", "i didn;t think of that", "I agree completely"
interesting to say the least.
- serra, on 10/12/2007, -1/+5
You know, I actually just realized that I have a forum (inactive site that I have been procrastinating on), and I see that it registered on there too. (04 Mar 2006)
- Brennan, on 10/12/2007, -0/+4
Either that or he's going for the biggest goatseing ever.
- kurosen, on 10/12/2007, -3/+6
same thing occurred on mine as well... I just deleted the name :p
- LordRahl72, on 10/12/2007, -0/+3
Well after having FuntKlakow register on my board I figured it was time to enable some extra security measures.
- schnibble, on 10/12/2007, -1/+4
I got 252,000 on google, 5 hours later than Flashman. It could be that this is a popular query, so google is tuning up, or that is 12 000 comps per 5 hours (2400/hour, 40/minute). If it is based on some worm, then this rate could grow exponential... Interesting to see how it spreads.
- richmastaplus, on 10/12/2007, -0/+3
Only on digg would I see a story that actually related to me. I noticed this dude registered to my forums just a few hours before I saw it on digg but I did not suspect an attack. It's good to see this hit the front page because if something does happen a lot of people got a heads up :)
- cyssero, on 04/18/2009, -0/+3
My first thought was, not again. Second thought was, damn, he registered on my forum too!
I have admin activation on anyway so 90% of registrars don't get in. Funny enough I googled him too thinking I could find out more info on the person and saw a lot of results. I just thought "spambot" and continued with the day. Probably only that, I hope?
- spling, on 10/12/2007, -0/+3
Found it on my board. Banned. Digg++
- NejiKun, on 10/12/2007, -0/+3
If you take a look here:
http://www.tweedmag.com/talk/search.php?search_author=FuntKlakow&sid=cb5f69214f90559d48fd7f776ed05dec
You'll see that all the posts made by "FuntKlakow" are pretty much the same....weird...sounds more like a machine to me.
- Switch22, on 10/12/2007, -0/+3
I had this user register on 04 Mar 2006, and now I've been mass spammed, http://22pixels.com/forums/memberlist.php?mode=joined&order=ASC&start=250 (FuntKlakow is number 288, there are a few legit and the rest are bots, all 159 pages of them). I have 7950 registered bots register from 18 Mar 2006. I don't know if it's linked, but I'm going to have a tough time getting rid of these things.
I did have an auto-ban bot mod, but FuntKlakow got around it once or twice, these other bots haven't been able to it seems.
- silhouette88, on 10/12/2007, -1/+4
I didn't think of that. I agree completely. ;-)
- inactive, on 10/12/2007, -0/+3
I *found* this one....LOL
http://www.phpbb.com/phpBB/profile.php?mode=viewprofile&u=239902
- hutchy, on 10/12/2007, -3/+6
i bet you're a windows user, talk about hypocritical?
phpBB has vulnerabilities. That's because it's programmed by humans, software created by humans is never going to be bulletproof. You should be thankful that there is such a robust and free piece of software available which is on par with the paid equivalents.
- h2d2, on 10/12/2007, -0/+2
This is one of the reasons I wrote my own signup routine for phpBB integrated with my site.
No profile.php?mod=register, no worries...
- tgraham, on 10/12/2007, -0/+2
Surely some clever chap doing a bit of SEO related stuff?
- g0zer, on 10/12/2007, -0/+2
"captchas: because blind people don't exist!"
- emka, on 10/12/2007, -0/+2
lol
another Polish word :)
budowa cepa = structure of the flail
- porplem, on 10/12/2007, -0/+2
One registered on one of my boards as well, I just banned the username and deleted the account. I'm also enabling the captcha, which I really should have done anyway. :/
- metrofeed, on 10/12/2007, -0/+2
The email address given for the user is socialinfohub.com (not an active domain), but perhaps it's some sort of tracking bot for message boards?
- TestFar, on 10/12/2007, -0/+2
http://www.google.co.uk/search?q=Cepelin
^^ Another bot, judging by the comments it's made it was made by the same person...
- Madh2orat, on 10/12/2007, -0/+2
Just enable visual confirmation, it will keep the automated bots out, which keeps most all bots out.
- gmailgeoff, on 10/12/2007, -1/+3
Yes, the problem with phpBB is popularity, as many have cited. But why do people cite this as if to discount the validity of the fact that running phpBB is a security liability that can be avoided by running a less popular system?
I am a sysadmin for a server on which a number of forums are hosted (mostly phpBB, to my chagrin, but a few vBulletin and invision boards) and the frequency with which phpBB is targeted is absolutely staggering to me. By comparison, vBulletin and invision haven't been targets of attacks (on my server) one single time. Are either of them unpopular? Heck no. Are either of them less feature-rich than phpBB? Not in my opinion, no.
The time and frustration I've paid out in repairing and recovering from phpBB attacks to my clients' forums has cost me far more than it's worth. Is it the fault of phpBB? No, often not directly. But just as running Windows makes you more vulnerable to MS-targeted worms, running phpBB makes you more vulnerable to devils like Santy.A.
Digg.
- bloodclot, on 10/12/2007, -0/+2
WOW this is really gonna be serious, i counted 3 bots from him so far.
http://www.google.com/search?hl=en&q=%22viewing+profile%22+%22budowa_cepa%22&btnG=Google+Search
- plasticated, on 10/12/2007, -0/+2
Yep, was registered on my board. I have banned it - thanks for the heads up! Digg
- tek1024, on 10/12/2007, -1/+3
I had this same kind of problem--over 200 spambots registered on my boards. But they were, thankfully, all in one block and I could delete them with a SQL query in phpMyAdmin. Let's say you had 178 valid registrants, but everyone from that point on was a spambot in disguise; the following would delete all of them in one fell swoop:
DELETE FROM `phpbb_users` WHERE `user_id` > 179
I have not tried deleting in a bounded range, but according to DELETE syntax, it should work by just adding "and" after the first condition, such that if you had a block of 150 valid users, 200 invalid spambots, and 150 more valid users, you could say the following:
DELETE FROM `phpbb_users` WHERE `user_id` > 150 and `user_id` < 350
Hope that helps!
- festivalman, on 10/12/2007, -1/+3
Anyone thinking vbulletin is less vulnerable than phpbb is wrong. They release exploit patches probably about once a month. The difference is that they have a plugin system so that you can secure your board in literally 5-10 seconds vs. 10-15 minutes with phpbb's manual process.
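Added example, not part of any comment in this thread: a more cautious form of the bulk clean-up tek1024 describes, which previews and backs up the suspect rows before deleting and only touches accounts with no posts. It assumes MySQL and the stock phpBB 2.0 tables with the `phpbb_` prefix; the bounds 151 and 350 and the backup table name `phpbb_users_removed` are constructed for illustration.

```sql
-- Added example. Assumes MySQL and the default phpBB 2.0 schema
-- (phpbb_users, phpbb_user_group, phpbb_groups).
-- 151 and 350 are constructed, inclusive bounds: replace them with the first
-- and last suspect user_id taken from your own member list.

-- 1. Preview the candidates. Restricting to zero-post accounts spares any
--    real member who happened to register inside the block.
SELECT user_id, username, user_email, user_website,
       FROM_UNIXTIME(user_regdate) AS registered
FROM phpbb_users
WHERE user_id BETWEEN 151 AND 350
  AND user_posts = 0
ORDER BY user_id;

-- 2. Keep a copy of exactly those rows so a mistake can be undone.
--    (phpbb_users_removed is a hypothetical table name.)
CREATE TABLE phpbb_users_removed AS
SELECT *
FROM phpbb_users
WHERE user_id BETWEEN 151 AND 350
  AND user_posts = 0;

-- 3. phpBB 2.0 gives every user a personal single-user group. Remove those
--    groups first, while the membership rows that identify them still exist.
DELETE g
FROM phpbb_groups AS g
JOIN phpbb_user_group AS ug ON ug.group_id = g.group_id
JOIN phpbb_users_removed AS r ON r.user_id = ug.user_id
WHERE g.group_single_user = 1;

-- 4. Remove the membership rows for the same accounts.
DELETE ug
FROM phpbb_user_group AS ug
JOIN phpbb_users_removed AS r ON r.user_id = ug.user_id;

-- 5. Finally remove the accounts themselves, driven by the backup table so
--    the set deleted is exactly the set that was reviewed and saved.
DELETE u
FROM phpbb_users AS u
JOIN phpbb_users_removed AS r ON r.user_id = u.user_id;

-- Accounts that did post are skipped on purpose: delete those through the
-- admin panel so their posts and signatures are handled as well.
```

Run step 1 on its own and read the result before continuing; a bot that has already posted, as several commenters report, will not appear in it.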
- festivalman, on 10/12/2007, -2/+4
Anyone notice how DnH500 "blogged this post" in the upper right of this page, but all it is, is an RSS aggregator that shows his own ads for digg articles. He has no original content on there. Ban his ass!
- DD32, on 10/12/2007, -0/+1
from same page:
"Other » My personal blog one big mess"
It seems it's just a blog for other stories he likes, and probably shares it with others... anything wrong with borrowing news stories from digg? It's the same as borrowing them from some other news site..