It might be a good idea get an SSL cert setup, even if its not a paid one, just for the people who like things secure :)

I was also thinking about writing up a tutorial to help people stay anonymous when posting on forums like these. Would that be a good idea, or a waste of time?

I think it would be a waste myself.......MOST of the people that bitch about the possibility of getting busted are the same ones that post where they live in one thread........their picture in another....then maybe to top it off their grow in yet another thread. It's hard to protect some from themselves.:twocents:

Have a good one!:jointsmile:

We are anonymous you dont know who I am and you really cant find out If I dont want you too so why do I need a tutorial.
Correct me if I am missing something.

Cheers

NCM

You are only as secure as the information you give out its easy to remain anonymous but write a tutorial if you think it will help I promise I'll read it and give my honest opinion

Cheers

NCM

What personal info people choose to give out about themselves (obviously not too much like phone numbers) is up to them, you dont even have to say which country you're from if you dont want to.

I don't see how SSL would help at all on an open forum like this? SSL would serve no purpose. What would you encrypt... becuase almost every post on this forum is public, and archived on the forum.

the tutorial idea might be good... but then again if you have common sense you know what information to give out and what to not give. ;)

You are only as secure as the information you give out its easy to remain anonymous but write a tutorial if you think it will help I promise I'll read it and give my honest opinion

Cheers

NCM
Yes, thats very true to some extent, but there is information which you send out that most users would have no idea of. The forum stores your ip address when you sign up, view a page, or make any kind of post. It also stores your password in an MD5 hash. All it would take is a vulnerabillity in vbulletin ( and there are a few private ones going around ) and they would have your ip, and a description of the system you are running - this could allow them to attack your computer and gain access. It would tell them your rough location. They would have your password, which many people use the same passwords throughout accounts - which could also be hijacked.


As for SSL, it would help stop data being intercepted between you and the forum.

I think it would be a waste myself.......MOST of the people that bitch about the possibility of getting busted are the same ones that post where they live in one thread........their picture in another....then maybe to top it off their grow in yet another thread. It's hard to protect some from themselves.:twocents:

Have a good one!:jointsmile:

QF-fucking-T!!!11111!!!1!!!oneoneoene!11!

How do you know about the vbulletin vulnerabilities to begin with?

How do you know about the vbulletin vulnerabilities to begin with?
I'm well informed.

I'm well informed.

Sorry, but I call B.S. on that. Anyways, I don't think it's a risk but some people might want it.

Sorry, but I call B.S. on that. Anyways, I don't think it's a risk but some people might want it.

refer back to P4B's post... as it is entirely true....

Sorry, but I call B.S. on that. Anyways, I don't think it's a risk but some people might want it.
Its not BS, for instance, see here; RETIRED: VBulletin Multiple Remote File Include Vulnerabilities (http://www.securityfocus.com/bid/25141)

This is one thats been leaked to the public. Obviosly its been patched, i wouldnt have posted it here if it wasnt.Exploits like this do exist in certain circles, and are traded/sold. Depending on the exploit, what its for, the access you can obtain, these can go for various amounts, some upwards of $5000.

Ok, I'm not saying that there aren't bugs in the system that could be exploited but it's constantly being worked on. I doubt that there's an exploit that vbulletin hasn't patched or isn't working on right now (read: they don't know about) that could take down this whole site.

Well, how do you think the Sasser, or Blaster worm propogated? the time it takes for the exploit to be discovered by vbulletin, and the time to deploy a patch leaves a huge gap in the system.Especially with private exploits, it can be months, or sometimes a year before it gets leaked.

The truth is if someone really wants your information that badly they will get it you can't really stop them there are forces at work that you or I don't really about.
Most people don't give a monkeys about our details anyway life's too short for me to worry about your password for instance or what your IP is, chill out and don't let it be a worry.

PS. I'll probably get hacked now and lose the 47 pence I have in my bank account LOL

NCM