Announcement

Collapse
No announcement yet.

Is this forum open to anyone

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Is this forum open to anyone

    Was just thinking about security issues the other day and thought about the VB forum...

    is the whole of this forum open to the public? I mean can anyone join and post and read any part of the forum, including the latest versions and announcements threads?

    if this is the case, would it be a good idea to seperate some of it off to licence owners.

    If i was a hacker and wanted to take advantage of a security hole in a VB forum, where could i go to find out about it? of course the VB site, where it announces all the latest bugs and security issues discovered!

    I could be completely wrong about this, i did look through this part of the forum but couldnt see anything on it.

    This is not a complaint by the way, just a question by an intrigued member!!

    Andy.

  • #2
    Yes, unlicensed users can read all of the same forums you can. They can't download any attachments though, nor can they post in most of the forums.

    Hackers would have to have access to the source code to exploit a security hole, so they'd have to have a license anyway, so it doesn't make sense to block unregistered users from viewing that forum.
    Additionally, we of course always recommend that our customers upgrade to the latest version or at least apply the provided security patches.
    Best Regards
    Colin Frei

    Please don't contact me per PM.

    Comment


    • #3
      It just seems that you could come here as a hacker, see what the latest version is, find threads about security threats then go find a forum that hasnt been updated to have a fiddle with

      or am i just paranoid!

      Andy.

      Comment


      • #4
        seriously, am i paranoid?

        Comment


        • #5
          Originally posted by AndySV1K
          seriously, am i paranoid?
          Probably
          Best Regards
          Colin Frei

          Please don't contact me per PM.

          Comment


          • #6
            We do not allow posts with specific security exploit info and if we see one we move it to a private forum for the Devs to review.

            Even so, I can't recall a time when someone has actually posted an exploit on our forums.
            Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
            Change CKEditor Colors to Match Style (for 4.1.4 and above)

            Steve Machol Photography


            Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


            Comment

            widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
            Working...
            X