Mr_Eastern
Debutant
- Jul 19, 2006
- 74
- 37
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
You'll be back in a flash when it gets going again
!!
You'll be back in a flash when it gets going again
!!-
LIVE: Geelong v Brisbane Lions - 7:30PM Sat
Squiggle tips Cats at 54% chance -- What's your tip? -- Teams on Thurs »
-
AFLW 2024 - Round 4 - Chat, game threads, injury lists, team lineups and more.
Saintsational Posters Thread
- Thread starter Pwoit
- Start date
- Tagged users None
Dr Spaceman
Premium Gold
Re: Saintsational Hacked Again
So this is where all you SS jokers have been hiding out
All Saints forums are great IMO, however I certainly miss the old home. May it return sooooooooon.
So this is where all you SS jokers have been hiding out
All Saints forums are great IMO, however I certainly miss the old home. May it return sooooooooon.
Re: Saintsational Hacked Again
Really simple, if you dont like SS and think they are money grabbing thieves, dont post there or give your hard earned to them.
From my perspective I am proud of and grateful to the efforts of people like Mister Magic who organises the player sponsorship of FIVE players last season.
The carping and whinging about moderators over at SS comes from a select few who hounded three moderators off the site last year.
Thank goodness that constant moaning and whining doesn't happen here.
Ányone is welcome to go or stay on a forum and considering the traffic on SS is as heavy as ever i think it is just rubbish that "so many good posters have left".
Considering when the player sponsorhips started there was one and now there is five would indicate that there are more and more posters there.
Maybe it is, as Saints66 pointed just the General Forum where some people think it is there own little fiefdom.
Anyhoo, bringing your griping to another forum is poor form IMO, and tend to reinforce the stereotype many non SS posters here have of that forum.
Constant bikkering and whinging about something so positive for the club wont attract any more supporters to a forum, that on the whole is very good.
Really simple, if you dont like SS and think they are money grabbing thieves, dont post there or give your hard earned to them.
From my perspective I am proud of and grateful to the efforts of people like Mister Magic who organises the player sponsorship of FIVE players last season.
The carping and whinging about moderators over at SS comes from a select few who hounded three moderators off the site last year.
Thank goodness that constant moaning and whining doesn't happen here.
Ányone is welcome to go or stay on a forum and considering the traffic on SS is as heavy as ever i think it is just rubbish that "so many good posters have left".
Considering when the player sponsorhips started there was one and now there is five would indicate that there are more and more posters there.
Maybe it is, as Saints66 pointed just the General Forum where some people think it is there own little fiefdom.
Anyhoo, bringing your griping to another forum is poor form IMO, and tend to reinforce the stereotype many non SS posters here have of that forum.
Constant bikkering and whinging about something so positive for the club wont attract any more supporters to a forum, that on the whole is very good.
Re: Saintsational Hacked Again
you 30Rock Dr Spaceman
So this is where all you SS jokers have been hiding out
All Saints forums are great IMO, however I certainly miss the old home. May it return sooooooooon.
you 30Rock Dr Spaceman
bubblegoose
Premiership Player
Re: Saintsational Hacked Again
& when it gets back up and running your elected site admin should arrange for some site backup, separate from where the site is hosted so if this happens again a differnet host can load the site from last backup, update the domain, etc
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
http://forums.whirlpool.net.au/archive/1436284
http://forums.whirlpool.net.au/archive/1331750
http://forums.whirlpool.net.au/archive/1186171
Seems Blue Central have plenty of dissatisfied customers.
The problem should be escalated. Ross Dour (CTO) has a Whirlpool presence. I would say a new host is needed if that fails.
I for one would have no problems contributing to funding for a site move.
http://forums.whirlpool.net.au/archive/1436284
http://forums.whirlpool.net.au/archive/1331750
http://forums.whirlpool.net.au/archive/1186171
Seems Blue Central have plenty of dissatisfied customers.
The problem should be escalated. Ross Dour (CTO) has a Whirlpool presence. I would say a new host is needed if that fails.
I for one would have no problems contributing to funding for a site move.
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
Or, if you don't like simply throwing money away, look up the service delivery commitments in the hosting contract and try to get recourse through the TIO.
You just have to work out how much your time is worth. I hope this helps MM.
Or, if you don't like simply throwing money away, look up the service delivery commitments in the hosting contract and try to get recourse through the TIO.
You just have to work out how much your time is worth. I hope this helps MM.
SamFisher25
Premiership Player
Re: Saintsational Hacked Again
Saturday, May 28
Richmond vs Port AdelaideTIO Stadium8:40pm8:10pmFOX
Saturday, July 16
Melbourne vs Port AdelaideTIO Stadium8:40pm8:10pmTEN
Rumour: TIO are busy from April.
You'd want to have this sorted by March at the latest.
Saturday, May 28
Richmond vs Port AdelaideTIO Stadium8:40pm8:10pmFOX
Saturday, July 16
Melbourne vs Port AdelaideTIO Stadium8:40pm8:10pmTEN
Rumour: TIO are busy from April.
You'd want to have this sorted by March at the latest.
Re: Saintsational Hacked Again
MM and JB, I respect your opinions and your defence ofthe SS admin..... but this latest episode has highlighted an incompetance and lack of due diligence in protecting the site.
Excuse the SS admin, and blame the hosting company all you like..... but the fact remains that the SS admin could have easily had contingencies in place to quickly rectify this latest occurrence......there's no escaping the fact that they've dropped the ball big time with this fiasco.....
and it's either through incompetance or apathy.....or both.
MM and JB, I respect your opinions and your defence ofthe SS admin..... but this latest episode has highlighted an incompetance and lack of due diligence in protecting the site.
Excuse the SS admin, and blame the hosting company all you like..... but the fact remains that the SS admin could have easily had contingencies in place to quickly rectify this latest occurrence......there's no escaping the fact that they've dropped the ball big time with this fiasco.....
and it's either through incompetance or apathy.....or both.
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
We're not alone in this boat...
Flyingsaint
Team Captain
- Apr 4, 2010
- 456
- 17
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
Persevering Saint
Brownlow Medallist
Re: Saintsational Hacked Again
Very glad to see you hear, Dr S! Welcome. Always appreciated your posts for the mouther country...So this is where all you SS jokers have been hiding out
All Saints forums are great IMO, however I certainly miss the old home. May it return sooooooooon.
Persevering Saint
Brownlow Medallist
Re: Saintsational Hacked Again
I hear good things about GODADDY.com - they apparently do some good servers n stuff.
I hear good things about GODADDY.com - they apparently do some good servers n stuff.
Persevering Saint
Brownlow Medallist
Re: Saintsational Hacked Again
Oh, and you get 10% of anything they sell if you type in "linux" first, or 20% if you type in "linux20" first.
Oh, and you get 10% of anything they sell if you type in "linux" first, or 20% if you type in "linux20" first.
BAM shhhh
Draftee
Re: Saintsational Hacked Again
Not for nothing, we live in an instant world (especially here on the internet), expect instant results and like to feel empowered. Note as you read the following, I don't work for (or have any close associates who work for) BlueCentral and I never have. I do know a bit about their business.
All hosting companies have plenty of dissatisfied customers. Goes with the territory - web hosting's an economy-of-scale+scope game at this level . Before making any move, be sure you're actually solving your problem.
All hosting companies go through skeleton-crew type scenarios around Xmas & new years. With a much lower workload, it would be crazy not to.
The task actually required to get a SS backup in place is likely something along the lines of:
- Contact BlueCentral offsite backup facility, arrange access for a range of dates daily-weekly-monthly.
- Interrogate backups to find the SS specific backups (economy of scope again. These backups, unless specifically outlined - and at the rates we pay, it's not going to be - are going to be for BC's use)
- Within that data, find a replica which is ideally not only not fully hacked, but doesn't present whatever the original backdoor was (assuming the hackers installed one).
- Install data to rebuilt HDD.
It requires time, multiple people in multiple places, and most of all, expertise.
Joe Blow from accounts can't get it done. Even engineer #1 by him/herself probably can't get it done. Note that from a cost perspective, that's likely at least 4 hours x 3 employees... so for anyone thinking the hosting company is bilking SS on cost, that's going to likely eat at least a couple of YEARS worth of hosting fees.
The reality is that their contractual responsibility is unlikely to guarentee a timeframe on backup restore, for exactly the current scenario's unknowns. At some stage (surely by now the change freeze would be ending) the full BC staff will be back on board, and the restore will suddenly progress quickly.
Further, escalating a site worth hundreds of dollars to the CTO is, frankly, wasting their CTO's time. If the hackers exploited a problem in the BC RSO's, IDS, etc. that should go to the CTO. The fact that backup restore on this level of hosting is cumbersome would be a known issue. Everybody loses.
So, we can walk if we want. BlueCentral's unlikely to miss us that much. It's likely a case of cutting off our nose to spite our face if we do move.
In the meantime, chalk one up to experience, be patient (enjoy this thread) and next time, let's keep our own backups.
Not for nothing, we live in an instant world (especially here on the internet), expect instant results and like to feel empowered. Note as you read the following, I don't work for (or have any close associates who work for) BlueCentral and I never have. I do know a bit about their business.
All hosting companies have plenty of dissatisfied customers. Goes with the territory - web hosting's an economy-of-scale+scope game at this level . Before making any move, be sure you're actually solving your problem.
All hosting companies go through skeleton-crew type scenarios around Xmas & new years. With a much lower workload, it would be crazy not to.
The task actually required to get a SS backup in place is likely something along the lines of:
- Contact BlueCentral offsite backup facility, arrange access for a range of dates daily-weekly-monthly.
- Interrogate backups to find the SS specific backups (economy of scope again. These backups, unless specifically outlined - and at the rates we pay, it's not going to be - are going to be for BC's use)
- Within that data, find a replica which is ideally not only not fully hacked, but doesn't present whatever the original backdoor was (assuming the hackers installed one).
- Install data to rebuilt HDD.
It requires time, multiple people in multiple places, and most of all, expertise.
Joe Blow from accounts can't get it done. Even engineer #1 by him/herself probably can't get it done. Note that from a cost perspective, that's likely at least 4 hours x 3 employees... so for anyone thinking the hosting company is bilking SS on cost, that's going to likely eat at least a couple of YEARS worth of hosting fees.
The reality is that their contractual responsibility is unlikely to guarentee a timeframe on backup restore, for exactly the current scenario's unknowns. At some stage (surely by now the change freeze would be ending) the full BC staff will be back on board, and the restore will suddenly progress quickly.
Further, escalating a site worth hundreds of dollars to the CTO is, frankly, wasting their CTO's time. If the hackers exploited a problem in the BC RSO's, IDS, etc. that should go to the CTO. The fact that backup restore on this level of hosting is cumbersome would be a known issue. Everybody loses.
So, we can walk if we want. BlueCentral's unlikely to miss us that much. It's likely a case of cutting off our nose to spite our face if we do move.
In the meantime, chalk one up to experience, be patient (enjoy this thread) and next time, let's keep our own backups.
saintspremiers
Senior List
- Aug 14, 2006
- 165
- 119
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
Can the backups be done daily or weekly?
Can they easily fit on a pissy 250GB passport drive that
Costs bugger all nowadays??
Can the backups be done daily or weekly?
Can they easily fit on a pissy 250GB passport drive that
Costs bugger all nowadays??
Re: Saintsational Hacked Again
Conclusion, there is room for both in your Saints diet.
Conclusion, there is room for both in your Saints diet.
BAM shhhh
Draftee
Re: Saintsational Hacked Again
I'd be guessing they're done Daily AND Weekly to ensure continuity for THEIR business.
Rather than being on an individual 250GB drive, which would be more costly (and not the drive itself, but the ongoing maintenance of the drive itself, which while not overly taxing, is going to impact on the ability to offer the service for $40 a month), it'll be a small part of something in the order of a petabyte's (1PB = 1024 TB, 1TB = 1024 GB) worth of storage.
To get to it, therefore it needs to be brought onsite, then the specific SS component needs to be found and restored.
For SS to do it ourselves, it would entail arranging the storage, networking and replication. Notably, most of the "easy" ways to do this may well have represented a serious chance of the hackers being able to destroy this as well, and/or represent a regular piece of effort on the part of the volunteers who admin the site.
In enterprise level (i.e. big multinational) type setups where something like this would be having a financial impact (and hence is worth spending money on preventing), rule of thumb is that for effective and immediate DR, you're looking at a cost increase of ~ 2.5 times initial value (fully redundant setup, plus monitoring, plus replication)... and even then, we'd have like just seen the hackers hack the second setup.
The place to direct our ire is actually at the hackers. Think about this, essentially, someone has dedicated a significantly valuable piece of computer, a significant amount of coding time, and genuine level of expertise to vandalism. In the context of the internet, they've gone and bought themselves the most expensive paint possibe so they could paint their name in small font on the door to the change rooms of the Sandy Zebras.
It's not worth doing too much to prevent... if the vandals really want to do it, they will. You just hope that they don't do it the day before the photographers are coming to take all important pictures of the door (okay, analogy fails....)
I'd be guessing they're done Daily AND Weekly to ensure continuity for THEIR business.
Rather than being on an individual 250GB drive, which would be more costly (and not the drive itself, but the ongoing maintenance of the drive itself, which while not overly taxing, is going to impact on the ability to offer the service for $40 a month), it'll be a small part of something in the order of a petabyte's (1PB = 1024 TB, 1TB = 1024 GB) worth of storage.
To get to it, therefore it needs to be brought onsite, then the specific SS component needs to be found and restored.
For SS to do it ourselves, it would entail arranging the storage, networking and replication. Notably, most of the "easy" ways to do this may well have represented a serious chance of the hackers being able to destroy this as well, and/or represent a regular piece of effort on the part of the volunteers who admin the site.
In enterprise level (i.e. big multinational) type setups where something like this would be having a financial impact (and hence is worth spending money on preventing), rule of thumb is that for effective and immediate DR, you're looking at a cost increase of ~ 2.5 times initial value (fully redundant setup, plus monitoring, plus replication)... and even then, we'd have like just seen the hackers hack the second setup.
The place to direct our ire is actually at the hackers. Think about this, essentially, someone has dedicated a significantly valuable piece of computer, a significant amount of coding time, and genuine level of expertise to vandalism. In the context of the internet, they've gone and bought themselves the most expensive paint possibe so they could paint their name in small font on the door to the change rooms of the Sandy Zebras.
It's not worth doing too much to prevent... if the vandals really want to do it, they will. You just hope that they don't do it the day before the photographers are coming to take all important pictures of the door (okay, analogy fails....)
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
BlueCentral may not be a lone offender, but I highly doubt their service delivery is representative of the industry.
As far as getting hold of a site copy goes, it's a bit late for that at this stage. The horse has bolted, and any request made of the provider will take about the same amount of time. We're on a hiding to nothing asking for a copy right now, but it would still be worth finding out how to plan a site move to avoid being held to ransom by an apathetic service provider.
With respect to the site data, it can be delivered on DLT or even a data stick. The site data has nothing to do with the host operating system. This goes for the exploit too, that is a programmatic loophole. If a BlueCentral site keeps getting hacked then maybe BlueCentral is being lax with its security measures. One more reason to reassess the arrangement.
Oh and contractual terms aside, it's not beyond the scope of the TIO to deem that the host has been negligent in their provision of services in the event that a contract release and pro rata refund is sought.
I understand you're being a voice of reason here BAM, but I think you are over-accommodating.
BlueCentral may not be a lone offender, but I highly doubt their service delivery is representative of the industry.
As far as getting hold of a site copy goes, it's a bit late for that at this stage. The horse has bolted, and any request made of the provider will take about the same amount of time. We're on a hiding to nothing asking for a copy right now, but it would still be worth finding out how to plan a site move to avoid being held to ransom by an apathetic service provider.
With respect to the site data, it can be delivered on DLT or even a data stick. The site data has nothing to do with the host operating system. This goes for the exploit too, that is a programmatic loophole. If a BlueCentral site keeps getting hacked then maybe BlueCentral is being lax with its security measures. One more reason to reassess the arrangement.
Oh and contractual terms aside, it's not beyond the scope of the TIO to deem that the host has been negligent in their provision of services in the event that a contract release and pro rata refund is sought.
Re: Saintsational Hacked Again
Heaps of the Collingwood posters are capable of having good and interesting discussion.
In regards to misrepresentation.
I recently posted a link to a story on the Collingwood supporter board, where the paper itself made a link between the subject matter and Collingwood.
Some weeks later a Collingwood board moderator used my post as an example of trolling on the main board.
Enjoyed discussion with some Collingwood posters prior to this, including on their own supporter board.
Cautious now.
I think I've met them all except PuMunchoo and Optispak (if PieLied is in fact PieBeast?). Who are the other 2?
I've also met another 'legend in his own mind' named AmberGuzzler.
I don't mind 'the distributer' he along with a couple of others are quite funny.
PieBeast has taken to visiting here and deliberately misquoting my posts over there, so It's fun calling him out on it.
I cannot believe he's that stupid that he thinks anybody would just cop his crap without returning fire?
It will be interesting to see how he misrepresents this psrticular post over there!!!!!
Heaps of the Collingwood posters are capable of having good and interesting discussion.
In regards to misrepresentation.
I recently posted a link to a story on the Collingwood supporter board, where the paper itself made a link between the subject matter and Collingwood.
Some weeks later a Collingwood board moderator used my post as an example of trolling on the main board.
Enjoyed discussion with some Collingwood posters prior to this, including on their own supporter board.
Cautious now.
BAM shhhh
Draftee
Re: Saintsational Hacked Again
I'm not really trying to be accommodating or otherwise (not interested on rendering that kind of judgement in this kind of forum. I'm not impressed... just less surprised...). I do think that there's some fundamental misunderstanding of what entitlement is going to be for ~$40 a month in terms of technology, service, and responsibility.
For example, I'll guess that if SS pushes for it - regardless of the fact I assume the service isn't covered by SLA (Service Level Agreement covering uptime) - BlueCentral is probably just going to credit December (and possibly Januarys) service fees rather than actually spending anything on defending a case (if this got the the TIO, I'd be stunned). On one hand, It's likely the contract will specifically leave us in the cold in this scenario, and limit to an aggregate of service fees over affected time periods...
For $80, it's probably cheaper for them to fold.
Everything that people have wanted the host to be doing in this thread is available in the market. Most of it's probably available from BlueCentral. It's just got to be paid for.
I'm not really trying to be accommodating or otherwise (not interested on rendering that kind of judgement in this kind of forum. I'm not impressed... just less surprised...). I do think that there's some fundamental misunderstanding of what entitlement is going to be for ~$40 a month in terms of technology, service, and responsibility.
For example, I'll guess that if SS pushes for it - regardless of the fact I assume the service isn't covered by SLA (Service Level Agreement covering uptime) - BlueCentral is probably just going to credit December (and possibly Januarys) service fees rather than actually spending anything on defending a case (if this got the the TIO, I'd be stunned). On one hand, It's likely the contract will specifically leave us in the cold in this scenario, and limit to an aggregate of service fees over affected time periods...
For $80, it's probably cheaper for them to fold.
Everything that people have wanted the host to be doing in this thread is available in the market. Most of it's probably available from BlueCentral. It's just got to be paid for.
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
You seem ignorant on the engagement process for the TIO (and several if not all of the other ombudsmen). It is as simple as a phone call.
We'll agree to disagree on that. The scale is immaterial. I pay not much more than $40 a month for my mobile phone connection, and I certainly don't expect a two week+ outage would be considered reasonable just because I'm small fries to Telstra.
You seem ignorant on the engagement process for the TIO (and several if not all of the other ombudsmen). It is as simple as a phone call.
BAM shhhh
Draftee
Re: Saintsational Hacked Again
I think the difference comes in where the responsibility for what's failed is seen to lie. It's not the infrastructure that's failed (even if it were, the difference between a national phone network and a server farm for small businesses is kinda massive), it's a data problem. As I infer from this thread that it's a dedicated server, WE were in control of the security settings.
The analogy would probably be more true if you were to compare to your handset. Your handset got grabbed by vandals on the train, thrown around, and now it's not working. Try to get Telstra business to fix it during the Christmas period. What we're in effect being told is they can replace it, it'll be a while, and if we had our own backup handset, we could slip the SIM straight in...
Happy to cop to being ignorant of the Ombudsman process.
If you think it worth the time (you clearly know more about the process), make that phone call (According to Forrester, the prevailing reason for increased spend on IT Service Continuity is increasing fiduciary concern around areas like information control and security, so hammering a national player on this basis can only be good for the little guy)... My opinion (and take FWIW coming in a footy forum) is that you'll get nowhere.
I think the difference comes in where the responsibility for what's failed is seen to lie. It's not the infrastructure that's failed (even if it were, the difference between a national phone network and a server farm for small businesses is kinda massive), it's a data problem. As I infer from this thread that it's a dedicated server, WE were in control of the security settings.
The analogy would probably be more true if you were to compare to your handset. Your handset got grabbed by vandals on the train, thrown around, and now it's not working. Try to get Telstra business to fix it during the Christmas period. What we're in effect being told is they can replace it, it'll be a while, and if we had our own backup handset, we could slip the SIM straight in...
Happy to cop to being ignorant of the Ombudsman process.
If you think it worth the time (you clearly know more about the process), make that phone call (According to Forrester, the prevailing reason for increased spend on IT Service Continuity is increasing fiduciary concern around areas like information control and security, so hammering a national player on this basis can only be good for the little guy)... My opinion (and take FWIW coming in a footy forum) is that you'll get nowhere.
JeffDunne
TheBrownDog
Re: Saintsational Hacked Again
If hosting is their problem, I'd be happy to host it free of charge.
If hosting is their problem, I'd be happy to host it free of charge.
InkerSaint
Debutant
- Jan 4, 2011
- 142
- 0
- AFL Club
- St Kilda
Re: Saintsational Hacked Again
Hard to believe the likes of Battye are responsible for patch updates on server software.
See here for an example of a failure to maintain patch levels resulting in an exploit:
http://www.theregister.co.uk/2009/02/04/phpbb_breach/
Whoa horsie. Who runs the BBS software? The host or the site admins?
Hard to believe the likes of Battye are responsible for patch updates on server software.
See here for an example of a failure to maintain patch levels resulting in an exploit:
http://www.theregister.co.uk/2009/02/04/phpbb_breach/
