Page 1 of 1

tapirsoft site possible issue

Posted: Sun Apr 14, 2019 9:06 pm
by slowmaker
Does anybody have contact with Mr. Wilstrand?

I looked at http://tapirsoft.on-rev.com/ride/ from reading an old runrev newsletter today, and observed a header that looks fishy: the message 'hacked by salim' is plastered over the top of the page.

I private messaged him earlier, but I don't know if he will check in here anytime soon, so...if you know him, drop him a line, eh?

Re: tapirsoft site possible issue

Posted: Sun Apr 14, 2019 9:29 pm
by bogs
Ooo, I hope they still check their pms (unless they changed the preference, and email is sent by default).

Re: tapirsoft site possible issue

Posted: Mon Apr 15, 2019 5:29 am
by FourthWorld
Now we have an ethical quandary: we know the site has been hacked, and we know that some WordPress hacks can be dangerous to site visitors.

Should we temporarily hide this forum until we hear back from the site owner that the issue has been addressed?

Re: tapirsoft site possible issue

Posted: Mon Apr 15, 2019 7:33 am
by SparkOut
I would personally agree to that Richard. I believe Mats is a soloist and has lots of competing demands on his time. I don't suppose there is any significant number of visitors driven by this forum to Mats' site, but think it is prudent to avoid that risk. As an open source project, it is not rIDE I would feel uncomfortable about hiding, but much trickier to consider the commercial product forum for rTree and rGrid.
I don't know what use I could be (especially as I have some huge personal issues at the moment), but I would volunteer to help get Mats' site sanitised and back up and healthy. Perhaps he could do with some other helping hands.

Re: tapirsoft site possible issue

Posted: Mon Apr 15, 2019 3:08 pm
by FourthWorld
Good thoughts, SparkOut.

I tried looking for a way to simply hide the forums in question, and it's not obvious. Maybe Klaus knows how.

But then we also have to consider the LC Store.

I'll try contacting Mats while I seek guidance from Heather and the team.

This is a good opportunity for all of us to review our online infrastructure and make sure all components are using the latest available patches. O-days sometimes happen as well, but they're rare compared to automated attacks based on known vulnerabilities.

Re: tapirsoft site possible issue

Posted: Mon Apr 15, 2019 5:50 pm
by FourthWorld
I just wrote Mats this morning, and will report back on how we will handle this once I hear back from him.

Thank you Sparkout and Bogs for chiming in on this, and a big thank you to slowmaker for bringing this issue to our attention.