300 joins a day

Edit: anal !!!!

sometimes software writers and companies behind them leave exploits for their own nefarious intentions.

sometimes one need only ask, why, to see the reason.

They were alerted about these issues a whopping 7 MONTHS AGO. Luckily (?), very few use ES so this didn't blow too hard.

Lets try reading ..... server, not software
say it a few times

Until about 2 months ago, anybody with any Epoch account could view or cancel the members of any other Epoch client. It took them about 6 months to plug the hole.

interesting reading brad's response. mistakes happen move on nonsense. you are a hypocrit brad. you fuck with a lot of companies and post false statements all the time. you make personal slams also with false statements.

you are a self-serving sick piece of shit.

I wish you a slow and painful death and look forward to more great examples of how inept you are with technology.

Evan

Evan, you wished me a slow painful death in 1999. But here I still am. I am not going anywhere. Well I do need to run down to the secret service office in Dallas at 1pm.

fix your sig ass

To be more specific, your sig image is broken and it's being pulled from a password protected area, which is prompting everyone for a name/password.

thanks
http://www.starterupsteve.com/gfy/noobpaddle.GIF

I planned that 4 months ago, just to piss you off

i feel honored

You bet ya :1orglaugh

Sucks when stuff like this happens but I'm going to have to respectfully disagree with the "all programs have their weaknesses" philosophy I'm seeing in this thread.

That's just not an accurate statement.

This industry is plagued with "cool idea, build it quick, release it to have a market advantage over any potential competitors" mentality and if that's how you operate then sure, the software you put out into the market will be vulnerable.

Some of us (ok, me specifically) don't operate with that mindset and the programmer I use approaches the applications in a "the world is an evil place with bad and bored people in it so what if" mindset.

Then I hire bored and bad people to try and break it or gain access to things they shouldn't gain access to and no one has ever been successful in an attempt.

Bottom line - build it right and you won't have these problems.

Some things that are built right will still have flaws. It sometimes takes years to find out the ins and outs of programs that are developed. To keep it professional it would be good if the parties involved could discuss this through emails or icqs. Once it goes to the board it hurts the company that is in question.

I think that karma came back to bite brad for him trying to do the same to NATS. NATS is now even stronger then it was before.

I don't think that even programs that are built right have flaws that just haven't been discovered yet.

To offer up an analogy here:

A guy goes to the hospital because he fell off his bike and broke his leg - insurance raises his premium because it's the 3'rd time he's broken his leg falling from his bike.

The insurance company raises the premiums on any and every one of their clients who own bicycles because they're a bad risk

They just haven't fallen from their bicyclet and broken their leg - yet

Some of us don't fall off our bikes :)

WRONG. I had access to you sales and profitability reports etc....

argh I'm so late for this... can't you people wake me up when drama is bubbling?

damn how profitable were they?

We own the most kickass Pintos in town, and your mortgage

Brad you got your ass handed to you... Hard...

maybe you should sell your rides and hire some security people :o)

What Brad should be doing instead of going to the fake SS appointment,

Brad to Greg: "I want my admin dead! I want his family DEAD! I want his house burnt to the ground!"

Those security holes were so obvious... wow...

greg tell me if you contacted your clients in the am? why are they still out in the open?

all products have holes in them. windows xp had 100,000 bugs shipped in the box, thats why they come out with updates. nats had a bug, they fixed it. all code one way or another needs patching or updated to make it faster or add new options. or a mistake the coder didnt see before.

instead of watching this thread all day, you could be doing something useful, like spending a day with your staff and getting the ball rolling.

and yes to the person that every software has its flaws. that is true. tell me one os that is perfect. one piece of code that is perfect. i am sure everything breaks at one point.

they are trying hard to do some damage control.

No personal info please - yours was removed when it was posted too :warning

congrats did shaw internet just show you how to do a whois? is that your first step in webmaster school?

i could have gave you that information if you just asked. its in my whois.

its public knowledge, i am in the phone book. you are welcome to call, do you want to stop by for tea?

personal info posting time!

http://www.wits.ac.za/bahai/choc%20party%20all.jpg

Quite, ironic that when the tables are turned and it's your ass getting smacked down.. Your only defense is to threaten to sue. I find this all so fucking funny that you got your shit handed to you less than a month after you were giving others shit because of smaller glitches than this.

So Mr Nostrafuckingdamous did yea see this one coming? I don't normally bash guys on forums, but you had this coming for quite some time. Karma is a bitch isn't it?

This is all an elaborate scheme between Bradshaw and Fris. Their plan is to create "drama" and thus insure that they will have the longest thread of the week. They plan on splitting the X-Box. Bradshaw will get to use it every other week.

Nice work gentlemen.

Its a server configuration issue not a script issue.

There are no adjustments to be made to the actual scripts themselves.

Don't get it twisted.

i can't believe nobody has posted an iraqi defense minister photoshop yet

uh oh it's getting ugly

Quit kissing his ass.. your lips are turning brown and it's on your nose too. It doesn't matter if it was a scripts fault or a server issue. The result was the same.

Secure info was left wide open for anyone and their mom to see. Brad was all over this board giving hell about Nats for a smaller error than this. The worst part is he was warned about it 6 months ago.

Free 3 Shirts from http://XThreadz.com for the best b.s. iraqi defense minister photoshop.

Ahh.. ahah...

Brads conversation with SS...

SS Agent: OK, so basically lay it out for me, what happened?
Brad: Well, I spent the greater part of this half a year bad mouthing everyone else and now it seems that I've become the new target.
SS Agent: In what way?
Brad: Someone posted holes to my server on an adult webmaster board called Go Fuck Yourself.
SS Agent: Haha, that is 'fucked-up'... Haha... sorry.... I couldn't resist. Go on.
Brad: So now everyone knows that I pay my people historically low wages and nickle and dime EVERYTHING.
SS Agent: How would they infer that?
Brad: Because my server had some very basic flaws.
SS Agent: OK, tell me about what you feel the 'hacker' did wrong.
Brad: Well, he viewed publically viewable files in world readable directories.
SS Agent: Really? How'd he know they were there?
Brad: My low-wage admin left directory indexing on and configured the server to show the source code of some files.
SS Agent: Uhh-huh... Where is the server located?
Brad: I don't know. I pay people low wages to know those sorts of things for me.
SS Agent: Right, and do you know the location of the hacker?
Brad: Yes, he is in Ancaster, Ontario, Canada.
SS Agent: Ohh... He is in Canada?
Brad: Yeah, that is what I just said! Are you deaf?
SS Agent: No, Mr. Shaw, I am not deaf and I am also not an under-paid employee of yours so you will watch your tone.
Brad: [Thinks wow, my ass handed to me 2 times in one day]
SS Agent: Well, Mr. Shaw, there isn't a damn thing we can do for you if he is in Canada. Have a nice day.

Sorry thats just the fact.
If ya knew ya would know.

see your point. but, a company that does outsourced affiliate programs should not have to outsource its own server-related stuff.

nice try, i dont know, or never met brad shaw. plus i want a ps2, i dont like xbox.

i didnt even know their was a price for longest thread.

but thanks for letting me know.

http://i7.photobucket.com/albums/y28...aa/2165787.jpg

Admit that you want just the XBOX

For the record, I was not aware of any specfic holes. I was told months ago that a hacker claimed to get on our system, found a hole and wanted to be paid to fix it. I do not do business like that.....

Fris, there is a knock at your door.

Fris.....I was joking with you. Best of luck. :thumbsup

Well thats the nature of my business as well.

I build entire programs using these sort of solutions.

The Tours.
The Members.
The Ad's.
The Content.
The Ballgame.

The whole Nine Yards.

I must admit I am not to happy about this event, ES is a great script I have reccomended it to several people and am quite familier with it.

None the less...
Drama queens will be drama queens.
Biz is biz.

I honestly do not see this event hurting ES at all.
Infact it reinforces it's position as the top affiliates script available at this time. If anyone got a peek under the hood there was some great numbers to be seen that should be testimony that the script is a winner. Anyone using ES has been updating the configs since late last night. So Cut to the shit, this is a promo.

the bad news is that you must have other holes then. if what you say is true, then you may wish to shut down your program until it is safe to re-open as a courtesy to your clients. then you can turn this into a positive thread.

LMFAO!

That is how he affords to drink Cristal! :1orglaugh

really?

i cant hear anything

So you're trying to justify pretending to contact the SS based upon a 'claim' of a hacker months ago? :thumbsup

I have been contacted by numerous affilates regarding this thread. As some of you know my company has been mentioned in this thread.

This was not an ES issue, but was a siccash issue. Our data is secure and has been secure since day 1.

If anyone has any information otherwise, please contact me and I will pay you a nice cash reward.

I have no knowledge of fris or if he is intending to damage my company in anway. Again if anyone has information on any of this that i should know, I will pay large cash rewards with no questions asked. I havent had the time to read this entire thread yet but I will protect my business interests and any client info or member signup info.

icq 11403900
[email protected]

this keeps getting better and better :)