MacRumors Hacker Promises Stolen Passwords Are Safe

The hacker behind Monday’s breach of an Apple-related rumor and news website has promised to not leak any of the 860,000 passwords he stole.

But the hacker — known as “lol” — said that any users who’d reused the same password on other sites had only themselves to blame. “We’re not terrorists,” he said. “Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place.”

The MacRumors website disclosed the breach Tuesday, saying that an attacker accessed a moderator account for the vBulletin software — sold by Internet Brands — that runs its online forums, then managed to escalate their access privileges, and dump a database containing usernames, email addresses and passwords, which were hashed and salted. The site recommended that all users immediately change their password for MacRumors, as well as any other site for which they’d used the same password.

“We sincerely apologize for the intrusion, and are still investigating the attack with the help of a third-party security researcher,” said “MacRumors god” Arn Kim. “We believe that at least some user information was obtained during the attack,” including passwords, he added. “They are vBulletin’s standard md5 hashed and salted. Which is not that strong, so assume that your password can be determined with time.”

In a series of MacRumors forum posts, Lol confirmed Wednesday that he’d dumped the forum database and obtained usernames, email addresses, and salted and hashed passwords for 860,106 users. As proof that he was behind the hack, lol also published the first 16 bits of Kim’s old password hash, as well as the salt used for the password. But lol promised not to leak or even crack the passwords, or use the information to hack into people’s Gmail, Apple, Yahoo or other accounts, “unless we target you specifically for some unrelated reason.

Read the Full Article

Be the first to comment - What do you think?
Posted by PetersWeb - November 17, 2013 at 13:26

Categories: Forum Software, Software, The Online World, vBulletin   Tags:

How Well is Your HP TRIM System Performing?

I have worked with HP TRIM since before it became a HP Product – over 8 years now! Having worked closely with many clients around Australia for this length of time means that I have an extensive list of the organisations that are using TRIM – that’s one example of how I use information management.

Many organisations who use HP TRIM have an existing relationship with a HP Business Partner or utilise internal resources to maintain and upgrade their HP TRIM system. I am not suggesting that you change this arrangement if it’s working for you. In fact, I would like to encourage you to continue to maintain this relationship to ensure that there is some continuity in how your HP TRIM system is configured.

What I would like to propose is that in addition to the services provided by your current service provider, you be proactive by utilising my services for the functions listed below and more. What I’m suggesting is no different to you gaining a second opinion when having work done on your car or your house. Even if you don’t use my services now, you may be stuck at some stage in the future and need my help then. Make sure that you keep this article handy for the future!

Some of the services I can offer include:

HP TRIM Health Checks and Post Implementation Reviews
If you have used HP TRIM for sometime, I can conduct Health Checks of your system to ensure that it is still performing as intended. The Health Checks cover both the configuration or “front end” and also the technical or “back end” side of your implementation. If you have recently implemented HP TRIM for the first time or upgraded your system to a newer version, I can conduct checks and report on whether it is running correctly and make recommendations on how to improve performance and usability. You can then decide if you’d like me or your current service providor to implement those changes.

HP TRIM Training
I can conduct End User, Power User, Administrator, or Technical Administrator training onsite. I have many years experience in delivering, writing, and administering training both in Australia and overseas. Your training packages can be developed to your requirements so if you require the training to be tailored specifically to your organisation or if generic training is all you require, I can help you to achieve your desired results.
HP TRIM Maintenance
You would be surprised at the number of organisations I have visited over the years that have never run a regular maintenance program on their HP TRIM system. Do you know what items need to be regularly checked to ensure that your HP TRIM system operates as you require or if you have missing documents and how to recover them if you do? I can visit your site for a few hours every month and run these maintenance tasks for you. Alternatively, I can show your IT staff what to do and help them to develop a HP TRIM maintenance plan.
I can work with all main HP TRIM Business Partners
I have established good relationships with many of the existing HP TRIM Business Partners. While retaining the ability to remain independent, I will be able to work harmoniously with your existing HP TRIM Business Partner to ensure that your project is delivered as you require.

If you would like to know more about the services that I can offer, please complete and send me a HP TRIM enquiry form ( to let me know a little more about your system before we talk. Of course, you can always email or phone me using the details listed below.

No matter what you would like to with your HP TRIM system, keep me in mind and let me know when you would like to engage me to assist you.

Be the first to comment - What do you think?
Posted by PetersWeb - October 10, 2013 at 21:02

Categories: HP TRIM   Tags:

Potential vBulletin Exploit (vBulletin 4.1+, vBulletin 5+)

A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories. Our developers are investigating this issue at this time. If deemed necessary we will release the necessary patches. In order to prevent this issue on your vBulletin sites, it is recommended that you delete the install directory for your installation. The directories that should be deleted are:

4.X – /install/
5.X – /core/install

After deleting these directories your sites can not be affected by the issues that we’re currently investigating.

vBulletin 3.X and pre-4.1 would not be affected by these issues. However if you want the best security precautions, you can delete your install directory as well.

Be the first to comment - What do you think?
Posted by PetersWeb - August 28, 2013 at 21:48

Categories: Forum Software, Software, vBulletin   Tags:

Server upgrade

I now have a new server.  A Virtual Dedicated Server to be accurate.

It’s been commissioned awaiting the migration of all my hosted sites from the existing server to the new VDS.

I’m really looking forward to seeing the 4 core processor in action as one of my personal sites, has been experiencing some issues of late.  Here’s hoping that the server upgrade will fix that.

In addition to the server upgrade, I’m currently testing a replacement for the XenForo forum software that currently runs.  I’ve created some test migrations of the site to IP.Board and vBulletin so I can evaluate their suitability.  At present, I favour a move back to vBulletin which the site used for several years.

Be the first to comment - What do you think?
Posted by PetersWeb - February 18, 2013 at 17:41

Categories: Forum Software, Software, vBulletin, Web Sites, XenForo   Tags:

The Apple / Google / Facebook Message War Starts Now

We’re on the cusp of a global conflict that will see the three most powerful consumer Internet companies fighting to win control of interpersonal communication. The war will pit Facebook’s unified Chat / Messages / Email vs Apple’s cross-device iMessage system vs. Google’s Gmail / GChat / Hangouts. If one emerges as the definitive victor, it could sway the future of digital human interaction.

Read on as we survey the battlefield, review the weaponry of each company, and assess who could win the epic message war and the fortune that comes with it.

Last week we saw Facebook fire the shot of this war when it changed everyone’s profile contact info to display their address and hide their previously selected Gmail, MobileMe, or other email addresses. Why? To box out Google and Apple. Even with natural advantages like a firm grip on identity and the social graph, plus the fact that it works across both iOS and Android devices, Facebook still felt like it needed to attack.

We’ve likely reached “peak SMS” — next year fewer text messages may be sent than this year due to the rise of data-based alternatives. Now is the time for one of these three messaging platforms to take the place of SMS.

Read the Full Article

Be the first to comment - What do you think?
Posted by PetersWeb - July 3, 2012 at 09:45

Categories: The Online World   Tags:

New Client Tools – Invoicing

For the past few years, I’ve been using a web-based invoicing system which has many features that I have never used.

I’ve now installed a new invoicing system that will run directly from this website.  This means that my clients won’t need to go to a third party website to view their invoices any more….you’ll be able to do that right here!

Coupled with the a client service area, this website will be the hub for all contact with Peter’s Web and IT Clients.  If you have any general-type questions, please send them to us via the contact form.

Be the first to comment - What do you think?
Posted by PetersWeb - April 28, 2012 at 22:26

Categories: Site News and Information   Tags:

We’re adopting Buddypress on our sites

Regular visitors to this site (not many I’ll admit!) may have noticed a change to the regular WordPress tools.  I installed Buddypress on the site to aid user interaction and allow a more community-type feel.

In addition to Buddypress, I’ve also installed an invoicing plugin that will soon allow Peter’s Web and IT Services clients to access their invoices via this website.  The Buddypress Groups will also be used for clients (and anyone else who cares) to post questions and information about topics that interest them.  Where possible, I’ll respond as soon as I can but if you know the answer, feel free to provide it!

I hope that you enjoy the new tools that are available on this site.  I hope to introduce more as the need arises.

Be the first to comment - What do you think?
Posted by PetersWeb - March 9, 2012 at 11:58

Categories: Buddypress, Site News and Information, Software, Wordpress   Tags: , , ,

Times are a changing!

I’ve added the ability to get some user interaction on the site.  In the past, I’ve used this site primarily to post the odd (sometimes very odd!) update on what I’m getting involved in from a business perspective.

From today, I’d like to encourage you to join me in discussing Web technologies, Domain Names, Hosting, and Information Management.  These are all subjects I’m interested in and ones that I concentrate on in my business.  I’m happy to discuss these topics in the Group forums so come on and get involved!

If you’re looking to host your own website, don’t forget that you can purchase your Domain Names and Hosting Packages through my storefront.  You’ll find the link to the storefront on the top right hand side of the homepage.

Be the first to comment - What do you think?
Posted by PetersWeb - March 8, 2012 at 21:09

Categories: Site News and Information   Tags:

Software tests and a new standard

After some extensive research, I’ve now implemented the following software strategy starting with my own websites.

* Sites that require a forum will use SMF 2 – this has been implemented on Is Anybody There? (General Discussion Site) and My Footy (AFL Football Site)

* Sites that require blog software will use WordPress

* Sites that require both a forum and a CMS will use WordPress bridged with SMF. This has been implemented on TRIM User Network

* Sites that become large and require more features than SMF will use the XenForo forum.

As I’ve posted previously, I performed a trial migration of the Yellow and Black website from Invision Power Board 3.1.4 to XenForo 1.0.4. This was a complete success and was completed in about an hour. Not bad for 360K + posts and 2600+ users! The resultant test site performs superbly. I’ve added the XenPorta portal which really makes the site look fantastic!

A screenshot of the homepage appears on the left.

My only issues are migrating the IPB Gallery to the new structure and whether to impose another software change on the site members a year after moving from vBulletin to IPB. Until I can migrate the Gallery, the latter isn’t a concern as the site will stay as is.

Be the first to comment - What do you think?
Posted by PetersWeb - September 4, 2011 at 12:44

Categories: Forum Software, SMF, Software, XenForo   Tags: , , , ,

Forum Software comparison

I’ve recently started using the Invision Power Board (IPB) IP.Content component on the Yellow and Black website.  IP.Content is a CMS that integrates into the IP.Board software to enable the publication of articles and the creation of databases that can be used to display various data on the site.

Having tested it for a few months and now implemented it, I’m not sure if it’s what I want on the site.  Much to my dismay, I’ve found that the database component isn’t a relational database.  I had hoped to use it to drive the Yellow Sash Award on the website but this isn’t possible the way that the IP.Content databases have been written.  I may have to learn some PHP and do everything directly from a MySQL database myself.

In any case, I’ve migrated a copy of the current database onto another server and have a working copy of the IPB site there.  I’ve also converted this to run on vBulletin 4.1.3 and am in the process of migrating to XenForo 1.0.1.  The end result will mean that a backup copy of the data from the production site will be able to run in my “lab” on 3 versions of software.  I’m looking forward to testing them all to see which software performs the best.

At present, the current IPB installation is performing terribly slowly.  I’m having difficulties migrating to vBulletin 4.1.3 as the post attachments are unable to be migrated without throwing an error.  I’ve raised a ticket with the vBulletin support team but have yet to hear back from them after over a week.  I purchased XenForo this morning and am currently migrating the IPB database over to run on this software.  So far, (51.85% into the Thread and Post migration) everything has gone well.  Fingers crossed that it migrates without any issues so I can give it a good test.

From what I’ve seen so far, XenForo is pretty responsive and easy to use.  If XenForo continues to perform this well, I may seriously consider moving Yellow and Black to use this software in the future.

I’ll post my findings here when I can.

Be the first to comment - What do you think?
Posted by PetersWeb - May 9, 2011 at 15:08

Categories: Forum Software, Software, Web Sites, XenForo   Tags:

Next Page »