[Noisebridge-discuss] I am really disappointed with certain members of noisebridge

Crutcher Dunnavant crutcher at gmail.com
Fri Oct 30 21:38:29 UTC 2009


Thank you so much lief for introducing people to cookie magic -- people like
you make noisebridge rock.

On Fri, Oct 30, 2009 at 2:37 PM, Praveen Sinha <dmhomee at gmail.com> wrote:

> Thank you so much Leif for coming forward -- people like you make
> noisebridge rock!
>
>
> On Fri, Oct 30, 2009 at 2:30 PM, Leif Ryge <leif at synthesize.us> wrote:
>
>> Ian,
>>
>> First and foremost, I offer you my sincere apology and my promise that I
>> personally will not (mis)use your company's service again.
>>
>> I was the one who pointed out last night that people could run
>> curl -d to=3 http://some-uservoice-url/votes
>> to vote for something, and that without cookies, they could keep voting.
>>
>> I would characterize this as harmless ballot-stuffing, rather than a
>> DDOS, but I understand that if it got out of hand it could certainly
>> have the effect of a DOS. I am very glad to hear it didn't take the site
>> down. Taking the site down was certainly nobody's intent; the intent was
>> simply to get a lot of votes on a single item, to demonstrate why voting
>> on things with a tool like this doesn't make any sense for a group like
>> ours.
>>
>> I personally only sent a few hundred http requests, and in light of your
>> company's stated interest in legal action (which I think is entirely
>> unwarranted given that the whole thing was apparently a few thousand
>> http requests from a single location) I will not help determine who else
>> sent more. Obviously, like most things at noisebridge, this was in no
>> way an action of the organization and was only the action of a few
>> individuals.
>>
>> I regret the strife that this caused you, and hope you can accept my
>> apology.
>>
>> ~leif
>>
>> Ian wrote:
>> > last night, there was an attempted DDOS on the noisebridge forum from
>> > 75.101.62.89 and 75.101.62.88. yes. those are both noisebridge IPs.
>> > they submitted around 35,000 votes to the forum and could have taken
>> > the entire uservoice site down.
>> >
>> > i have no problem with people voicing their concerns on the mailing
>> > list, but to do something destructive and illegal using noisebridge
>> > equipment against a company that one of its members works for simply
>> > because you didnt agree with its usage is beyond pathetic. rubin, for
>> > future reference, even though you may not mean anything destructive or
>> > personal with your "abrasive" (as you put it in your personal apology
>> > to me) comments on the list, other, weaker people on the list who are
>> > followers will take them in a different way.
>> >
>> > i tried to not censor anyone on the feedback forum and accommodate
>> > everyone and tried to play the role of strictly the forum admin. one
>> > of our staff deleted the suggestion about trying to get root on our
>> > site because, well, they simply viewed it as a threat against
>> > uservoice. i assured them finding security flaws was legitimate and
>> > will even benefit us. then they pointed to the suggestions about
>> > disparaging uservoice and my comment facilitating that. then again i
>> > reassured them i was only being the site administrator and that we
>> > shouldnt censor people who use our product even if their suggestions
>> > could hurt our business. the bottom line is i put my neck out to try
>> > to provide noisebridge with something that i thought would be useful
>> > and this is the thanks i get.
>> >
>> > aside from my current situation with the company, uservoice is talking
>> > about taking legal action against noisebridge for the DDOS attack. i
>> > have begged them to allow me to solve this without legal intervention.
>> > i ask that the people who were responsible name themselves and
>> > separate them from the rest of noisebridge. if you identify yourself,
>> > explain and apologize for your actions, i think i can convince the
>> > rest of uservoice to move past this.
>> >
>> > ian
>> > _______________________________________________
>> > Noisebridge-discuss mailing list
>> > Noisebridge-discuss at lists.noisebridge.net
>> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
>> _______________________________________________
>> Noisebridge-discuss mailing list
>> Noisebridge-discuss at lists.noisebridge.net
>> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>
>
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>


-- 
Crutcher Dunnavant <crutcher at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20091030/4764ac3e/attachment-0003.html>


More information about the Noisebridge-discuss mailing list