Beefy Boxes and Bandwidth Generously Provided by pair Networks Frank
There's more than one way to do things
 
PerlMonks  

Re^3: What happened?

by Corion (Pope)
on Jul 30, 2009 at 10:49 UTC ( #784566=note: print w/ replies, xml ) Need Help??


in reply to Re^2: What happened?
in thread What happened?

While I do understand the desire for more detailed information, we cannot tell you more than we know. Once we learn more of the details of the breach, we'll inform you, but I consider it useless to post hourly updates of "No New Information".

Also note that while we are taking the situation seriously, this site is still a hobby operation with people having a day job. This implies that we do not have pre-allocated time to handle such situations and not everybody has free time to spend working on the various things that need to be done currently.


Comment on Re^3: What happened?
Re^4: What happened?
by Zen (Deacon) on Jul 30, 2009 at 12:48 UTC
    That's not the issue. Read it again. The issue is that this site has everyone's email, so why not notify them there was a password leak? That's very relevant.
      (Update; sanitized )

      I think we should wait and see what the janitors say.

      I would not think perlmonks.org- a free site that helps me all the time- owes me to keep my retarded password safe- and oh how fwokring dare they not do x y and z -- - So.. I don't care.

      What I've learned from asking people online saved me a college education and the debt that comes with it.

        Great. I'm glad you feel like selling your identity to a group of folks who know better is a good idea. Sane people realize that it was a colossal screw-up, and that when you screw up you need to act responsibly. Part of being responsible here is to realize over 40,000 email/passwords spent two months with clowns before being published. These monks deserve to be notified.

        I remain mystified of the opinion of why we should blame the victims, here (a classic mistake). There is some expectation that passwords are indeed secrets. Plaintext passwords are clearly anything but. Even if users had chosen better passwords, or used unique passwords to this site (a lot of us did, including myself), the reality is they are plaintext email/password pairs for 40,000+ addresses. A lot of people, most certainly, can be seriously hurt in real life. I understand from the cb this morning this has already occurred. So lets take this seriously, shall we? No more pooh-poohing hashed passwords. I will also write later a notification proposal.
Re^4: What happened?
by Anonymous Monk on Jul 30, 2009 at 17:50 UTC
    you don't have time to loop around a single email user list that simply says that perlmonks was hacked, please see site for info? I'm perplexed...

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://784566]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (7)
As of 2014-04-17 03:46 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    April first is:







    Results (439 votes), past polls