Then they need to smarten up next time and not be pompous asshats.
[QUOTE=amcfaggot;33883567]Then they need to smarten up next time and not be pompous asshats.[/QUOTE]
It didn't warrant this. I know Edmund and he's not like that.
I think that what happened was totally right. Team Meat neglected the problem and, in my opinion, acted like they were better than us ("how dare you tell us what to do").
Someone said that the users shouldn't be suffering, but I say that they are Team Meat's problem. The users trusted Team Meat, and thus, if their software is insecure, it's their problem when the users suffers from it.
[QUOTE=Yogurt;33883542]To be honest, you guys DID ruin his entire database. It started out as a white hat "we'll help you fix this" but when it was over the net result was...you deleted everything.[/QUOTE]
No-one was hurt and security was improved as a result.
great success imo.
[QUOTE=Z_guy;33883681]Someone said that the users shouldn't be suffering, but I say that they are Team Meat's problem. The users trusted Team Meat, and thus, if their software is insecure, it's their problem when the users suffers from it.[/QUOTE]
I can't think of a way to get them to fix the problem without a wake up call, and it seems the only way to do it involves hurting the users.
[QUOTE=Yogurt;33883542]To be honest, you guys DID ruin his entire database. It started out as a white hat "we'll help you fix this" but when it was over the net result was...you deleted everything.[/QUOTE]
They didn't care about it at first so we needed to do something more harsh to get it through their thick skulls.
They deserved it.
[QUOTE=Jookia;33883808]I can't think of a way to get them to fix the problem without a wake up call, and it seems the only way to do it involves hurting the users.[/QUOTE]
Exactly, people tried to talk to them, but they didn't listen. What options are left?
Except you did EXACTLY what the "worst case scenario" was. YOU were the only risk there was.
[QUOTE=Yogurt;33883542]To be honest, you guys DID ruin his entire database. It started out as a white hat "we'll help you fix this" but when it was over the net result was...you deleted everything.[/QUOTE]
Bug reporting 101:
Step one: Report bug
Step two:
If bug fixed, tap on shoulder, good job, end process.
If bug not fixed, wait and go to step three.
Step three:
If bug not fixed within reasonable amount of time, remind developer.
Step four:
If bug still not fixed, fuck that shit, everything's fucking aces and the developer's ass is grass.
Out of curiosity, would you ever do a direct Mysql connection for a strictly read only database?
Personally I'd tie it to a PHP backend like I always have done.
The reason you report a bug is so someone can't abuse it further.
You were the people you would be reporting against.
The only reason to stop the bug was you.
That's not reasonable.
[editline]24th December 2011[/editline]
[QUOTE=Tezzanator92;33883895]Out of curiosity, would you ever do a direct Mysql connection for a strictly read only database?
Personally I'd tie it to a PHP backend like I always have done.[/QUOTE]
If the data isn't incriminating, there's no real problem with that.
[QUOTE=Yogurt;33883889]Except you did EXACTLY what the "worst case scenario" was. YOU were the only risk there was.[/QUOTE]
Actually there's other shit that could've happened. What if there was shitty code that read from the db and someone managed to use some kind of buffer overflow exploit to execute code on everyone's computer who saw it?
[QUOTE=Tezzanator92;33883895]Out of curiosity, would you ever do a direct Mysql connection for a strictly read only database?
Personally I'd tie it to a PHP backend like I always have done.[/QUOTE]
You can create users that have only read access, no need for PHP backend, I guess they just forgot to set the correct permissions for the user.
[QUOTE=Tezzanator92;33883895]Out of curiosity, would you ever do a direct Mysql connection for a strictly read only database?
Personally I'd tie it to a PHP backend like I always have done.[/QUOTE]
If there's nothing personal, I would do a direct connection with a user that is strictly read-only.
But that's because I'm a dumbass.
[QUOTE=Zeh Matt;33883946]You can create users that have only read access, no need for PHP backend, I guess they just forgot to set the correct permissions for the user.[/QUOTE]
But when submitting a custom level the user would still need UPDATE/INSERT permissions.
[editline]
[/editline]
You guys got me pumped for that Playstation C# API. I really hope I get accepted into the test
[QUOTE=Zeh Matt;33883172]If you want only the configuration file sure lol, however I coded many plugins my self and therefore not meant for public usage, sorry.[/QUOTE]
The ini file only, i really like the look and highlighting :)
I don't even see any plugins in there, did you make some unpackers or anything?
A chat I had with Edmund Mcmillen (Team Meat):
[quote]
[21:14] NOPE NOPE: Hey, get that database issue sorted out?
[21:26] Edmund McMillen: yeah
[21:26] Edmund McMillen: it was an easy fux
[21:26] Edmund McMillen: fix
[21:26] Edmund McMillen: we just click restore
[21:26] Edmund McMillen: and block uncoming edits
[21:26] Edmund McMillen: sad how dickish peopel can be for no reason
[21:26] NOPE NOPE: Eh
[21:26] NOPE NOPE: To be fair
[21:26] NOPE NOPE: It kind of seemed like you guys just ignored the issue before
[21:27] Edmund McMillen: huh?
[21:27] Edmund McMillen: when
[21:27] NOPE NOPE: From what you said on twitter where you said "it's fine" and stuff
[21:27] NOPE NOPE: Seemed like you just didn't care about it
[21:27] Edmund McMillen: oh i didnt say that
[21:27] Edmund McMillen: no tommy told them its fine and to leave it alone because he couldt do anything from his parrents
[21:27] Edmund McMillen: hes in NC for xmas
[21:28] Edmund McMillen: so he just told them to leave it alone its fine
[21:28] Edmund McMillen: he was going to do a database update on the new year when he got back to CA
[21:28] NOPE NOPE: Oh
[21:28] NOPE NOPE: Well I guess that explains it
[21:28] Edmund McMillen: i honestly dont see how its find leave it alone was dismissive
[/quote]
Yeah, whatever
[QUOTE=amcfaggot;33884642]Yeah, whatever[/QUOTE]
"Let's attack him because he's doing something wrong!"
"Except he's not doing anything wrong it was an honest mistake"
"Yeah, whatever"
Except he was doing something wrong. You can't deny that it was a bad move. Everything played out fine anyway, but you should never be pushing user data of that sort into your binaries.
It's just plain bad and there's no way around saying it isn't. It's bad. It was wrong.
That's all there was to it.
Something about that Edmund McMillen makes me suspicious..
Just compiled Cataclysm with Visual Studio.
[IMG]http://dl.dropbox.com/u/27714141/cataclysm_vs.png[/IMG]
I plan to ditch the item code, replace it with data files, and add scripting bindings.
What do you guys think, should I go with JS or Lua?
[QUOTE=amcfaggot;33884711]Except he was doing something wrong. You can't deny that it was a bad move. Everything played out fine anyway, but you should never be pushing user data of that sort into your binaries.
It's just plain bad and there's no way around saying it isn't. It's bad. It was wrong.
That's all there was to it.[/QUOTE]
Fair enought, but if he decided to sue for damages or something then those people were also doing something wrong
[QUOTE=voodooattack;33884820]Lua[/QUOTE]
Oh right, nobody said to leave it alone.
[QUOTE=Jookia;33884774]Something about that Edmund McMillen makes me suspicious..[/QUOTE]
How so?
[QUOTE=Yogurt;33884913]How so?[/QUOTE]
I'm just saying. Very suspicious.
[QUOTE=Jookia;33884949]I'm just saying. Very suspicious.[/QUOTE]
That's the actual Edmund McMillen.
who cares really
[QUOTE=Yogurt;33884995]That's the actual Edmund McMillen.[/QUOTE]
I'm not doubting that, I'm just saying that the actual person is suspicious.
Sorry, you need to Log In to post a reply to this thread.
