
Geocheck.org was hacked


Ma & Pa


O I have three puzzles on it, no big deal.

 

In your case it is not even clear whether your caches are on any list with final coordinates. You are not living in an area where cheater lists are a kind of business.

 

Answer the internet is not safe.

 

Of course not. But geocheckers are not needed and can be avoided.

 

These hackers are like geocache puzzle solvers. Some do it for kicks others for crime.

 

I do not agree and I neither solve puzzles for kicks nor for crime.

Moreover, when using the data from the hack the underlying motivation is not the kick of the hack (otherwise the hackers would notify the site owner and would not make the data public).

 

Maybe change your puzzle if you do not want your answer out there.

 

Lots of caches cannot be easily moved if at all.

Link to comment

ABTW: I'm pretty disappointed in the quality of arguments you have been offering in this thread. I usually see much better from you.

 

I believe there was a warning about sniping..?

 

I didn't consider that a snipe and he was talking about me. At this point, I'm not interested in debating the issue anymore or I would have responded.

Link to comment

ABTW: I'm pretty disappointed in the quality of arguments you have been offering in this thread. I usually see much better from you.

 

I believe there was a warning about sniping..?

 

I didn't consider that a snipe and he was talking about me. At this point, I'm not interested in debating the issue anymore or I would have responded.

 

It was not intended as a snipe. I respect NYPC greatly and his arguments are generally very good, even when we disagree. By no means was that comment intended disrespectfully or to be insulting.

Link to comment

ABTW: I'm pretty disappointed in the quality of arguments you have been offering in this thread. I usually see much better from you.

 

I believe there was a warning about sniping..?

 

I didn't consider that a snipe and he was talking about me. At this point, I'm not interested in debating the issue anymore or I would have responded.

 

It was not intended as a snipe. I respect NYPC greatly and his arguments are generally very good, even when we disagree. By no means was that comment intended disrespectfully or to be insulting.

 

I think maybe I should have explained my argument then. When I was asking for evidence that a geochecker other than geocheck.org has been hacked to support the contention that geocheckers are inherently insecure I should have qualified that by "inherently less secure than any other web site". I agree that no web site is guaranteed to be secure. If someone is going to make the argument that they won't use a geochecker because they're insecure then using this site or any other site which stores user credentials is just as risky. There was a lot of speculation about the security skills of the developer of the site because it was a hobby site. The way I see it, the fact that it's a hobby site is not relevant. I certainly don't consider myself an expert, but my skills wouldn't be diminished if I chose to apply them to a hobby site.

 

I probably wouldn't have responded to cezanne's argument if web application security had not been recently on my mind. About 10 years ago I designed and developed a web site (which is still in use) for a well known U.S. government agency. I spent two years developing the site, maintained and supported it for a couple years and then someone else took it over. That person left about a year ago and someone else (that doesn't have a lot of programming experience) took over maintaining the site. A couple of months ago it got hacked, most likely through an SQL injection. The person that was maintaining it wasn't getting the job done to close up the security holes, so despite the fact that I have a really full plate with two major projects (one as technical lead for a project supported by a $5 million grant) and three others, I was asked to go and fix code I hadn't looked at in six years. I have spent about 2.5 weeks full time closing up security holes and fixing various other issues that haven't been addressed. We didn't just tell the ~60,000 subscribers of the site to stop using it. We (I) closed up the security holes and did as much as we could to make the site secure, but now I've got to deal with 2.5 weeks lost time on those other projects with overly ambitious deadlines.
