Oolite Bulletins

CheeseRedux wrote:

(Except for the link in new tab thing. I still prefer that.)

On that one I completely agree with you (I hadn't noticed it until now).

Forcibly opening links in new tabs is a horrible, horrible habit, and I’m certainly not going to go out of my way to make it happen.

Actually it wasn't tabs, but links used to be opened in a new window.

At least for external links I find that sensible. If I for instance follow a link to some find on the web from some Outworld thread (like e.g. the one with the moon monolith), I prefer to get a new window. I can read it, possibly follow other links (which invariably happens if the external link was to tvtropes ), finally close the whole window and find myself back where it all began in the original window. I don't want to use the "page back" button umpty times in order to get back to the boards.

The same goes for links to the Elite Wiki. I like them to open in a separate window as an independent resource which I can consult alongside the thread, rather than having to go back and forward to and from the thread.

Commander McLane wrote:

Actually it wasn't tabs, but links used to be opened in a new window.

That's what I thought CR meant, new window... this was very useful.
The 'open new windows in new tabs' thing is a browser preference.

Commander McLane wrote:

At least for external links I find that sensible. If I for instance follow a link to some find on the web from some Outworld thread (like e.g. the one with the moon monolith), I prefer to get a new window. I can read it, possibly follow other links (which invariably happens if the external link was to tvtropes :oops: )

No-one’s saying you can’t have a new tab/window. Every browser has commands and shortcuts to do it with any link. What most lack is an “open this right here” command for links which override normal behaviour.

Commander McLane wrote:

Actually it wasn't tabs, but links used to be opened in a new window.

This must be browser and/or OS related then, because for me (Opera/WinXP), links invariably opened in a fresh tab.

Other than that, your reasonings (including, I'm afraid, the tvtropes bit) are in perfect accord with mine.

Yep, I used to get new tabs, too, using Ubuntu/Chromium. I preferred that system with external links; with others I'm quite happy for it to remain in the same tab.

CheeseRedux wrote:

Commander McLane wrote:

Actually it wasn't tabs, but links used to be opened in a new window.

This must be browser and/or OS related then, because for me (Opera/WinXP), links invariably opened in a fresh tab.

Other than that, your reasonings (including, I'm afraid, the tvtropes bit) are in perfect accord with mine.

I only know how it works with Safari. There you can set the preferences to open links in new pages or tabs.

And like Ahruman wrote, you can still open links in tabs with Safari by Cmd-clicking the link. (You can define this in preferences) I assume other browsers have similar options.

Warning?

The e-mail account that I use for all things Oolite got hacked yesterday.

And I know I've been a bad boy: that account had the same password as here (I have oodles of passwords, so it happens rarely, but it does )


Sooooo.... Very probably the hackers got their hands on the passwords from this place, I have no other explanation (it was not a dictionary attack)


So it might be a good idea to change passwords?

Rxke wrote:

Warning?

...

So it might be a good idea to change passwords?

Done.

Thanks for the heads up!

So wait, the passwords were stored in plaintext somewhere? Surely some mistake?

I'm not saying that, but it seems like a very creepy coincidence.

Might be just that, coincidence....

Phantom Hoover wrote:

So wait, the passwords were stored in plaintext somewhere? Surely some mistake?

No, the passwords are stored as MD5 hashes within the phpbb database. If they were to be acquired by a black hat gaining access to the board's MySQL database they could be decrypted (cracked) but even then the process takes time.

For best security, don't use the same password everywhere, and change your passwords regularly.

So the reported password compromises cannot have been through a brute-force attack on the database?

As I understand it the databases are not stored on the same machine as the files that make up the site. It was the machine hosting those files that was hacked (hence the databases not being lost). A brute force attack would not work as the databases weren't directly exposed.

It is possible (although unlikely) that as a result of that hack the databases may have been made vulnerable if a cracker got to configuration files for this board and decrypted the MD5 password hash for database access (since changed, multiple times and securely), allowing that cracker to access and then to decrypt some of the MD5 password hashes.

If you use the same password for the board as you do for any other site associated with the email address you use here, then your access here and to those other sites may be at risk. Therefore we're advising you change your password here and to change any passwords that are the same as the one you use here.