My speculation is it's because of script exploits, but I realize it's probably phishing sites. I'm quite sure it will be re-enabled as soon as everybody's clear not to join them.
My speculation is it's because of script exploits, but I realize it's probably phishing sites. I'm quite sure it will be re-enabled as soon as everybody's clear not to join them.
bbcode has been re-enabled for some time. some functionality has yet to be properly restored, such as that of simg and img (they do that 'external image' thing)
I hate Dragcave. Good that it's not on whitelist, I am so glad.
Flickr, Minestatus etc need whitelist too though.
How about, we make a Whitelist request topic in forum discussion, and have them all compiled into one post (the OP) as they get suggested instead of flooding this topic where they will not all be seen, and be repeated.
And dont hate on dragcave, some people do take it too seriously, but it is good fun.
Rollback Post to RevisionRollBack
Your friendly neighborhood dragon. Don't be scared, I won't bite!
I am here for you, Don't be afraid to send me a message.
tryin to figure out 2 things atm..
1: why do certain peoples linked banners work and others do not even tho they host images on the same image site?
2: why is simg enabled but img is not? doesn't really make sense to me.
I hate Dragcave. Good that it's not on whitelist, I am so glad.
If whitelisting is the name of the game, then this attitude is indeed a problem. Not that Juze would have access to edit the whitelist (And by the rest of the message, I'm guessing (s)he doesn't), but if someone who DOES have access and has the same attitude, then denial and delay becomes the norm. This isn't fair to the community as a whole.
Why was this implemented? Because of a danger to the site? Or a danger to the stupid sheeple mindlessly clicking **** they shouldn't? Let them be sheep and let them be stupid. If they get hacked, it's their own damn fault.
If this is, indeed, the new norm, then safe sites should be whitelisted no matter what.
stepping back a second and looking at this whole whitelisting image host mess it is becoming clear why exactly this is only going to be:
1: an unnecessary headache
2: only a short term fix
you can whitelist "safe" image and hosting sites all you want, but what happens when they start posting bogus links and use simple redirects as a means to do the same thing they have done thus far? from years of seeing what the W.o.W. gold farmers/account hackers have done to make millions off stupid people, all it takes is changing an i to an í in a link and it's usually small enough to go unnoticed until you have already clicked it. if at that point someone is brainless enough to put in their login info on a site other than the official minecraft site they shouldn't be pitied.
honestly unless you want to eventually take it as far as disabling images and links from being posted at all there are only two real working solutions.
1: have diligent moderators monitoring the forums for attack posts and removing them quickly and banning the ip's of the posters
2: cure stupid
the second one is obviously never going to happen... just sayin
but..alas this is just my opinion...take it as you will
... if ... someone is brainless enough to put in their login info on a site other than the official minecraft site they shouldn't be pitied.
Quoted for truth.
Stupid User:
"Oh hey, I logged into the official minecraft site and clicked a link ... I think I'll put my login and password in again just so I can see whatever image they're talking about."
*click*
*EPIC RAEG FEST*
Troll:
U mad?
Community:
*epic facepalm*
Because we have to deal with the results of Stupid User for feeding the Troll. It's called Darwinian Selection for a reason. Remove the warning labels and let evolution take its natural course.
By the way ... this "External Image!!! DANGER!!" solves nothing. I could still craft a poisoned URL link (with bit.ly) with an image hosted on a whitelisted site (imageshack)....
If the user doesn't hover before clicking to see what the target url is ... then the user is stupid and deserves every last trojan that rolls into his system.
By the way ... this "External Image!!! DANGER!!" solves nothing. I could still craft a poisoned URL link (with bit.ly) with an image hosted on a whitelisted site (imageshack)....
If the user doesn't hover before clicking to see what the target url is ... then the user is stupid and deserves every last trojan that rolls into his system.
I don't know about you..but I have an internet security suite that blocks sites like that and warns me when I stumble onto one.. big red screen..warning in huge letters.. if I clicked "allow anyway" I deserve what i get >.>
bah I use cr3ationb3ta (which is closed to open uploading) and frogbag (which I kind of don't want to give out to everybody because it's kind of the clock crew's personal uploader) so I doubt they'll be whitelisted despite the fact that they both shouryuken imageshack and photobucket right in their opportunistic taints and send them bam, zoom, straight to the moon.
Because we have to deal with the results of Stupid User for feeding the Troll. It's called Darwinian Selection for a reason. Remove the warning labels and let evolution take its natural course.
By the way ... this "External Image!!! DANGER!!" solves nothing. I could still craft a poisoned URL link (with bit.ly) with an image hosted on a whitelisted site (imageshack)....
If the user doesn't hover before clicking to see what the target url is ... then the user is stupid and deserves every last trojan that rolls into his system.
1. Agreed that the 'External Image!! danger blah blah blah' isn't getting us anywhere.
2. The poisoned url is a much more benign exploit. what was happening is images were being embedded in posts, and the presence of the image on the page caused a login prompt to appear. I believe IE was affected and other browsers were not (I'm on chrome and I never saw anything)
3. it's not so much trojans, it's more along the lines that people's accounts get stolen. It's phishing, not trojans.
4.
Quote from Juze »
I hate Dragcave. Good that it's not on whitelist, I am so glad.
... really? Normally I don't question the actions of the moderators, but their purpose is to do what's best for the community, and lots of the MCF community plays dragcave. I think you are out of line by saying you wouldn't whitelist it just because you don't like it. Besides, I made that thread, and spam relating to it has all but evaporated (I haven't seen any redundant threads about dc in weeks). And, as you said, you use adblock to block the images, so it doesn't even matter to you anyway.
The problem isn't people posting malicious links, we can never prevent that, the problem is embedding malicious images and the only way to prevent that is to implement a whitelist as we have done.
Yes you can link to maliciouswebsite.com and that sucks, but it isn't 1/100th of a problem as the malicious images were.
the whitelist behaves like such:
I am a whitelist.
You are a picture.
Your domain is not on the list of allowed sites, so you get replaced with a link instead.
the blacklist would behave like such:
I am a blacklist.
You are a picture.
Your domain is on the list of russian scam websites, so you get automatically filtered out and the mods are automatically alerted to your post.
You are a different picture.
Your domain is something that we didn't think to unblock using the whitelist (like images hosted on facebook), but I am a blacklist not a whitelist and facebook isn't on the list of russian scam websites, so you're fine.
I'm sorry if you already know that, it;s just it seems like something was lost somewhere here. Blacklists do very much work.
ALSO I HAD A REALLY GOOD IDEA THAT MADE ME COME HERE TO POST STUFF
Make it so BBCode features unlock as users gain seniority (in the form of posts and time since registration). use of img and simg would be forbidden until you get to 100 posts or active for 60 days. That's active, not just registered.
It's about malicious IMAGES, as citric already said. These IMAGES create pop-ups that ask for your password.
Ok... since when? I use Chrome or Firefox. Hasn't happened to me at all. Other users have reported the same thing. Apparently, as suggested earlier, it's an IE exploit. Surprise surprise..........
See my previous comment about sheeple.
You shouldn't (for the most part) be re-entering your userID and password into a site you're logged into anyway.
bbcode has been re-enabled for some time. some functionality has yet to be properly restored, such as that of simg and img (they do that 'external image' thing)
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
https://sites.google.com/site/gestankecraft
"This may hurt a little, but it's something you'll get used to...."
Flickr, Minestatus etc need whitelist too though.
AngelCraft 64 Texture Pack v2.0.2 (Beta 1.8.1)
Nerd, geek, server admin, guy wearing a rainbow skin (with an office suit of epicness)? That's me.
needs to be whitelisted its secure storage by lacie
...You are no longer my favorite moderator, Juze.
I'm so sorry... *sob*
< My Steam Account (add me!)
< Dragon Cave! (aid)
How about, we make a Whitelist request topic in forum discussion, and have them all compiled into one post (the OP) as they get suggested instead of flooding this topic where they will not all be seen, and be repeated.
And dont hate on dragcave, some people do take it too seriously, but it is good fun.
I am here for you, Don't be afraid to send me a message.
1: why do certain peoples linked banners work and others do not even tho they host images on the same image site?
2: why is simg enabled but img is not? doesn't really make sense to me.
finally got a banner...now I cant use it >.>
If whitelisting is the name of the game, then this attitude is indeed a problem. Not that Juze would have access to edit the whitelist (And by the rest of the message, I'm guessing (s)he doesn't), but if someone who DOES have access and has the same attitude, then denial and delay becomes the norm. This isn't fair to the community as a whole.
Why was this implemented? Because of a danger to the site? Or a danger to the stupid sheeple mindlessly clicking **** they shouldn't? Let them be sheep and let them be stupid. If they get hacked, it's their own damn fault.
If this is, indeed, the new norm, then safe sites should be whitelisted no matter what.
I block those games with AdBlockPlus though.
AngelCraft 64 Texture Pack v2.0.2 (Beta 1.8.1)
Nerd, geek, server admin, guy wearing a rainbow skin (with an office suit of epicness)? That's me.
1: an unnecessary headache
2: only a short term fix
you can whitelist "safe" image and hosting sites all you want, but what happens when they start posting bogus links and use simple redirects as a means to do the same thing they have done thus far? from years of seeing what the W.o.W. gold farmers/account hackers have done to make millions off stupid people, all it takes is changing an i to an í in a link and it's usually small enough to go unnoticed until you have already clicked it. if at that point someone is brainless enough to put in their login info on a site other than the official minecraft site they shouldn't be pitied.
honestly unless you want to eventually take it as far as disabling images and links from being posted at all there are only two real working solutions.
1: have diligent moderators monitoring the forums for attack posts and removing them quickly and banning the ip's of the posters
2: cure stupid
the second one is obviously never going to happen... just sayin
but..alas this is just my opinion...take it as you will
Quoted for truth.
Stupid User:
"Oh hey, I logged into the official minecraft site and clicked a link ... I think I'll put my login and password in again just so I can see whatever image they're talking about."
*click*
*EPIC RAEG FEST*
Troll:
U mad?
Community:
*epic facepalm*
Because we have to deal with the results of Stupid User for feeding the Troll. It's called Darwinian Selection for a reason. Remove the warning labels and let evolution take its natural course.
By the way ... this "External Image!!! DANGER!!" solves nothing. I could still craft a poisoned URL link (with bit.ly) with an image hosted on a whitelisted site (imageshack)....
If the user doesn't hover before clicking to see what the target url is ... then the user is stupid and deserves every last trojan that rolls into his system.
I don't know about you..but I have an internet security suite that blocks sites like that and warns me when I stumble onto one.. big red screen..warning in huge letters.. if I clicked "allow anyway" I deserve what i get >.>
1. Agreed that the 'External Image!! danger blah blah blah' isn't getting us anywhere.
2. The poisoned url is a much more benign exploit. what was happening is images were being embedded in posts, and the presence of the image on the page caused a login prompt to appear. I believe IE was affected and other browsers were not (I'm on chrome and I never saw anything)
3. it's not so much trojans, it's more along the lines that people's accounts get stolen. It's phishing, not trojans.
4.
... really? Normally I don't question the actions of the moderators, but their purpose is to do what's best for the community, and lots of the MCF community plays dragcave. I think you are out of line by saying you wouldn't whitelist it just because you don't like it. Besides, I made that thread, and spam relating to it has all but evaporated (I haven't seen any redundant threads about dc in weeks). And, as you said, you use adblock to block the images, so it doesn't even matter to you anyway.
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
Yes you can link to maliciouswebsite.com and that sucks, but it isn't 1/100th of a problem as the malicious images were.
the whitelist behaves like such:
I am a whitelist.
You are a picture.
Your domain is not on the list of allowed sites, so you get replaced with a link instead.
the blacklist would behave like such:
I am a blacklist.
You are a picture.
Your domain is on the list of russian scam websites, so you get automatically filtered out and the mods are automatically alerted to your post.
You are a different picture.
Your domain is something that we didn't think to unblock using the whitelist (like images hosted on facebook), but I am a blacklist not a whitelist and facebook isn't on the list of russian scam websites, so you're fine.
I'm sorry if you already know that, it;s just it seems like something was lost somewhere here. Blacklists do very much work.
ALSO I HAD A REALLY GOOD IDEA THAT MADE ME COME HERE TO POST STUFF
Make it so BBCode features unlock as users gain seniority (in the form of posts and time since registration). use of img and simg would be forbidden until you get to 100 posts or active for 60 days. That's active, not just registered.
[FAQ] Extremely Common Problems
[OFFICIAL] Dragon Cave Thread
Project Genesis | IP: pgenesis.com
Dedicated Server | Active Staff | Chocolate
Visit our forums at http://www.mcgenesis.net
Ok... since when? I use Chrome or Firefox. Hasn't happened to me at all. Other users have reported the same thing. Apparently, as suggested earlier, it's an IE exploit. Surprise surprise..........
See my previous comment about sheeple.
You shouldn't (for the most part) be re-entering your userID and password into a site you're logged into anyway.