Register Members List Search Today's Posts Mark Forums Read

Closed Thread
 
Thread Tools
  #16  
Old 08 Jul 2008, 11:06
Q-v-n-s-Q Q-v-n-s-Q is offline
 
Join Date: Mar 2005
cool, ima download it
__________________
PossibleAndroid
  #17  
Old 08 Jul 2008, 14:57
CurtisK CurtisK is offline
 
Join Date: Jun 2007
simple and easy to do

UPGRADED

thanks for all the updates! sure does keep me busy
  #18  
Old 09 Jul 2008, 09:35
projectego's Avatar
projectego projectego is offline
 
Join Date: Feb 2006
Location: UK
Real name: Steve
*downloads new patch*

Thanks, Jelsoft!
__________________
  #19  
Old 09 Jul 2008, 17:17
KURTZ KURTZ is offline
 
Join Date: Nov 2006
Real name: Christian
Originally Posted by Jase2 View Post
Jessica Hope is onto vBulletin
that's an interesting issue ...
  #20  
Old 09 Jul 2008, 21:30
Jase2 Jase2 is offline
 
Join Date: Dec 2007
She seems a really nice person. Afterall, the exploit fixed would of never been found if it wasn't for her. There's an interesting debate going on in the vBulletin 3.7.2 Release Discussion - Jessica Hope is actually participating in that. Some people seem to think it is wrong for her to give a demo link exploit... well I don't think it is. She reported it in private to Jelsoft first, but they just said it isn't an exploit and dismissed it. So, she reported it publicly. Check it out: http://securitytracker.com/alerts/2008/Jun/1020322.html
  #21  
Old 09 Jul 2008, 21:46
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Real name: Shawn
v/Jessica to jelsoft
  #22  
Old 10 Jul 2008, 08:51
gamerfu's Avatar
gamerfu gamerfu is offline
 
Join Date: Apr 2008
Location: 台灣,&
Real name: 海富富
Originally Posted by Jase2 View Post
She seems a really nice person. Afterall, the exploit fixed would of never been found if it wasn't for her. There's an interesting debate going on in the vBulletin 3.7.2 Release Discussion - Jessica Hope is actually participating in that. Some people seem to think it is wrong for her to give a demo link exploit... well I don't think it is. She reported it in private to Jelsoft first, but they just said it isn't an exploit and dismissed it. So, she reported it publicly. Check it out: http://securitytracker.com/alerts/2008/Jun/1020322.html
Intresting how Jelsoft does not always take concerns seriously.
  #23  
Old 10 Jul 2008, 09:20
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
She reported it in private to Jelsoft first, but they just said it isn't an exploit and dismissed it.
I wonder where you got that impression.
__________________
Marco van Herwaarden
Ex vBulletin.org Coordinator
  #24  
Old 10 Jul 2008, 11:58
KURTZ KURTZ is offline
 
Join Date: Nov 2006
Real name: Christian
Originally Posted by gamerfu View Post
Intresting how Jelsoft does not always take concerns seriously.
exactly ...

Originally Posted by Marco van Herwaarden View Post
I wonder where you got that impression.
maybe Jason has some private channels ...
  #25  
Old 10 Jul 2008, 13:29
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Where was it posted that Jelsoft does not take security concerns serious? If we would not take it serious, then why are we releasing a patch immediate after the discovery of a new possible exploit?

PS I doubt Jason has private channels that give him any more information then i have, on the contrary.
__________________
Marco van Herwaarden
Ex vBulletin.org Coordinator
  #26  
Old 10 Jul 2008, 16:43
Jase2 Jase2 is offline
 
Join Date: Dec 2007
She told vBulletin about it first. Jelsoft downplayed it, putting their users at risk. So what about blaming them instead of Jessica? They are the ones who didn't take responsibility. But in the end, you have nobody to blame but yourself. It is attitudes like these that are the reason that Storm and others continue to thrive.
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
  #27  
Old 10 Jul 2008, 17:24
King Kovifor's Avatar
King Kovifor King Kovifor is offline
 
Join Date: Nov 2004
Real name: Jeremy
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
Yes. Marco is the only Paid Staff member at vBulletin.org as he is employed by Jelsoft. He is here to coordinate between vB.com and vB.org.
__________________
Former vBulletin.org Staff Member

Do not request support through any other means except the forums.

Useful Post With Links on Learning How To Develop vBulletin Plugins

Latest Modification: Stop Forum Spam Integration
  #28  
Old 10 Jul 2008, 17:39
Shazz's Avatar
Shazz Shazz is offline
 
Join Date: Jun 2006
Location: Utah
Real name: Shawn
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.

Marco, are you employed by Jelsoft?
http://www.vbulletin.com/forum/member.php?u=60067
  #29  
Old 11 Jul 2008, 08:26
Marco van Herwaarden Marco van Herwaarden is offline
 
Join Date: Jul 2004
Originally Posted by Jase2 View Post
I'm reading the discussion thread over @ vbulletin.com and Jessica is posting in that thread.
If you would read it good you will find that the discussion is only about the wording in the release announcement.

We did take our responsibility, we did not deny or let go the report, a patch was constructed and released immediate. The discussion is only if we should have classified the real life risk of this vulnerability as Low/Medium/High in the announcement. I can hardly see this as not taking responsibility.
Originally Posted by Jase2 View Post
Marco, are you employed by Jelsoft?
Yes i am employed by Jelsoft.
__________________
Marco van Herwaarden
Ex vBulletin.org Coordinator
  #30  
Old 11 Jul 2008, 16:30
nexialys
Guest
 
Originally Posted by Marco van Herwaarden View Post
Yes i am employed by Jelsoft.
no, no, i thought you were sooo devoted to your task that you refused to be paid....

gosh, we're all managed by a monstruous conglomerate.... AAARRGGHHHHH

in some countries, employed mean slaved... i suppose that's what some guys here are reading now...
Closed Thread



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


New To Site? Need Help?

All times are GMT. The time now is 05:58.

Layout Options | Width: Wide Color: