Hacked

Home for all your discussion of basketball statistical analysis.
Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Thu Apr 21, 2011 5:57 pm

Thanks.

EvanZ
Posts: 912
Joined: Thu Apr 14, 2011 10:41 pm
Location: The City
Contact:

Re: Hacked

Post by EvanZ » Fri Apr 22, 2011 11:35 am

Crow, you're awesome! I love going back and reading these old threads that I otherwise wouldn't have.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Fri Apr 22, 2011 1:42 pm

Evan, I am glad you find value in looking at the recovered threads.

ed küpfer
Posts: 13
Joined: Mon Apr 18, 2011 9:58 pm

Re: Hacked

Post by ed küpfer » Fri Apr 22, 2011 3:31 pm

Thanks for posting the old threads, although I am mortified to see some of my old stuff there. <shiver>

DSMok1
Posts: 905
Joined: Thu Apr 14, 2011 11:18 pm
Location: Maine
Contact:

Re: Hacked

Post by DSMok1 » Fri Apr 22, 2011 6:47 pm

ed küpfer wrote:Thanks for posting the old threads, although I am mortified to see some of my old stuff there. <shiver>
It's all we've got, since you hardly post any research in the public domain anymore!
Developer of Box Plus/Minus
APBRmetrics Forum Administrator
GodismyJudgeOK.com/DStats/
Twitter.com/DSMok1

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Fri Apr 22, 2011 7:22 pm

Ed, I found and loaded a few of your old threads before I realized I needed to take extra steps to get the graphics. I previously went back and backfilled a few and I did a few more now. if any are still missing or messed up, mention it and I might take another look.

Bobbofitos
Posts: 306
Joined: Sat Apr 16, 2011 7:40 am
Location: Cambridge, MA
Contact:

Re: Hacked

Post by Bobbofitos » Sun Apr 24, 2011 11:24 am

Apbr forces me to log in each visit - any chance this gets fixed?

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Mon Apr 25, 2011 12:24 am

With the help of Justin's files I recovered an additional 60+ threads or needed fragments bring the total recovered threads to something close to 225. That's as far as I am going unless a compelling thread or topic comes to mind later or is raised by others.

Mike G
Posts: 4429
Joined: Fri Apr 15, 2011 12:02 am
Location: Asheville, NC

Re: Hacked

Post by Mike G » Mon Apr 25, 2011 4:58 pm

Excellent continuing recovery work.
Guess I'll repeat the request that an Archives sub-forum be created, and that authors or others can then import relevant threads into current discussion, etc.

It might be more positive and pro-active to actually express preference for this, rather than merely drop objection to it.

Another suggestion: perhaps thread title could be made to read, for example :

Hot Hand or Hot Head? (Sandy Weil, Mar. 2009)

Otherwise, it appears the thread is created by Crow in April of 2011.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Mon Apr 25, 2011 5:57 pm

What to say or not to say... I guess I'll say the following to explain my view. Hope it comes across mainly as explanation.

If admin wants to create an archive sub-section and move threads there he can. I see no need or real use to be more "pro-active" for it at this point since my recovery work is essentially done now unless an important topic with significant other threads is identified and there was no response to my shift from 'didn't really want' an archive sub-section to "having no reservation or objection". I wasn't "actively for it" because I don't see any meaningful difference between having a sub-section or the way it is now and not much difference between what I said about "having no reservation or objection" and being "actively for it". I said what I felt.

Perhaps I could spend more time bumping new threads to the very top above the last recovered threads if that is a part of your objection. I did that several times before. (More time...) I almost voiced on the subject a third time to advocate for a sub-section to avoiding the old above the new issue but by a certain point I didn't expect to get an answer and was trying to work around it with some sensitivity to admin. Hence the use of the miscellaneous grab-bag thread for less prominent threads. A sub-section that I could accomplish... in part to try to respond to your preference, a preference not raised by anyone else.

We got what I happened to do. If an official archive sub-section had been set up I would have shifted new postings into it and maybe the ones already done. It wasn't set up.

The titles don't have author name visible from the index page.., but it is immediately stated first thing when a thread is opened and actually read. No one who reads the thread should be mistaken about first author. Anyone who reads the hacked thread should catch on to what caused the recovered threads to appear different. Perhaps I could have added authors in titles if the issue had been raised earlier or if I had felt less rushed; but it wasn't raised earlier and that wasn't a priority when I thought I might be racing to beat the deletion of the google cache.

Adding them to the title might help slightly (if a person's decision to read a thread is based heavily on first author or authors really want to see their name on the index page). I'll consider the suggestion (though that makes titles longer and less clear and adds to page depth and to me it is the subject that matters most and the first author is not the only participant or important participant in a thread anyways). But I'll also consider how much time I've already put into the thread recovery project. How long would going back in and adding authors to titles take? Is it another half-hour, hour or more like 2 hours? I am not sure. The site keeps signing me out today adding to the hassle factor.

But I am sure I smashed thru and far beyond my original intention of time devoted to the project. Time that I thought might inspire more similar action by others. I can tell you for sure I won't spend any time at all transferring threads from one place to another at this point. Think on the threads as recovered by Crow (with notable assistance from helpful new member Justin), not authored by. I'd hope the recovered material more than offsets this "shortcoming".

I understand your suggestions. There are some imperfections and perhaps some confusion. That is the way it went. Maybe I shouldn't have said all this, but I am a bit tired out by the project and wasn't looking forward to giving it even more time.

Regardless, I went back in and added your name & date to the title of your threads as a courtesy to partially address your request. And I bumped a lot of threads again and added a post explaining the current state of recovered threads. If anyone else feels strongly about having their name in the title, you can mention it and maybe I'll take more time to add it. I don't know if I'll do it broadly. I am not feeling the need or desire to do so at the moment.
Last edited by Crow on Thu Apr 28, 2011 5:51 pm, edited 4 times in total.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Mon Apr 25, 2011 7:52 pm

Kevin,

Are any further steps available or being taken to avoid future hacks? I know the very old Sonics forum on the sonics side of sonicscentral.com apparently got hacked and lost a few years ago and then the site apparently got hacked again a week and half ago.

Has any information been uncovered about the hacker's web address or means of exploit and has that been reported to phpbb and has anything come of it or has anything been learned from it?


Are any steps being taken to backup the data? Do you want or need anyone with knowledge and interest in these things to assist you? (that isn't me)

Justin
Posts: 12
Joined: Sun Apr 17, 2011 6:25 pm
Location: Portland, OR
Contact:

Re: Hacked

Post by Justin » Wed Apr 27, 2011 7:22 pm

I'm not 100% on this, but it's highly likely this board wasn't singled out for attack. Phpbb is a pretty popular piece of software and exploits are constantly discovered and patched. Most of the time a hacker will simply search Google for vulnerable forums based on a certain filename (example: http://www.securityfocus.com/bid/33995). In this case, a hacker would search for ucp.php (http://www.google.com/search?aq=f&sourc ... &q=ucp.php), scan the results, and attempt an automated exploit on each result that looks like it can be exploited.

The best way to avoid being hacked is to stay on top of software updates. I hope there are proper database backups now! Most decent hosting services usually offer some type of push button backup service for a pretty low price.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Thu Apr 28, 2011 5:01 pm

The miscellaneous recovered thread now has a list of topics by thread page in the first post for easier finding of what you want to read within it.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Wed May 04, 2011 8:02 pm

Crow wrote:Kevin,

Are any further steps available or being taken to avoid future hacks? ...

Has any information been uncovered about the hacker's web address or means of exploit and has that been reported to phpbb and has anything come of it or has anything been learned from it?


Are any steps being taken to backup the data? Do you want or need anyone with knowledge and interest in these things to assist you? (that isn't me)

Any response to these questions?

Will you share any detail about the administrative response to the event? Any specifics regarding site level recovery considered, undertaken, on-going or possible in the future?
Last edited by Crow on Wed May 04, 2011 8:27 pm, edited 2 times in total.

Crow
Posts: 6249
Joined: Thu Apr 14, 2011 11:10 pm

Re: Hacked

Post by Crow » Wed May 04, 2011 8:04 pm

Justin wrote:I'm not 100% on this, but it's highly likely this board wasn't singled out for attack. Phpbb is a pretty popular piece of software and exploits are constantly discovered and patched.
That maybe so, but I searched google and a phpbb discussion board at the time and found no reports of Phpbb hacks or widespread Phpbb hacks on that day.

Post Reply