SPGB website security

5 posts / 0 new
Last post
ajjohnstone
Offline
Joined: 20-04-08
Jul 8 2018 04:50
SPGB website security
Some who come here also visit the SPGB Forum and in the interests of the Thin Red Line solidarity i wish to inform you of an unfortunate event. Hopefully, your own website does not share the same vulnerability but take care and be warned. Be warned our website is down for the immediate future due to a cyber-attack from persons so far unidentified. Fortunately, we have a very competent internet committee who are feverishly repairing the breach. Not being computer savvy, i now quote from an announcement. Quote:
Our initial assessment is that the attack took place approximately one week ago and that it was effected through a security flaw in the content management system (CMS) that powers the SPGB website. The identity of the attacker is not currently known to us. The evidence we have examined so far suggests that the attacker had the opportunity to access almost all information stored on the web server, including the SPGB forum's user database. The user database stores passwords in a secure manner, so it is unlikely that the attacker was able to see them. However, the attacker may have been intercepting data submitted through the SPGB website from the time of the attack until yesterday evening. This means that if you logged into the SPGB forum on worldsocialism.org, then the attacker may have your username and password. In any case, if you use the same username/password or e-mail/password combination on both the SPGB forum and on other websites, we advise you to change your password on those other websites immediately. If you entered any other kind of information (such as submitting a contact form or sending a private message on the SPGB forum) on the websites of the SPGB, the World Socialist Movement, the Socialist Party of Canada, or the World Socialist Party of New Zealand, then for now you should proceed on the assumption that that information has been exposed to the attacker. We are still working to assess the extent of the attack and to repair the damage, and we will attempt to notify any and all affected users directly once we are able to gather their contact details from the relevant databases. So far we have been able to restore the mail server (but not the webmail interface) and the Socialist Party of Canada website. We hope to be able to restore the webmail interface and the WSPNZ website in the next few days. However, the SPGB and WSM websites could remain offline for several weeks while we fix the security flaw that led to this breach.
jondwhite's picture
jondwhite
Offline
Joined: 23-10-12
Jul 8 2018 10:47
Reset your libcom password here http://libcom.org/user/password
explainthingstome's picture
explainthingstome
Offline
Joined: 9-08-18
Jun 24 2019 18:09

This is off-topic and I apologize but I'm a visitor of the SPGB website (I'm not a member) and I'm wondering about this site.

I didn't manage to figure out how to write messages to people so I'm writing my questions here where there's people from the SPGB forum.

1. Does this forum allow threads that ask questions about marxian economics?

2. Will I ever be allowed to start threads?

jef costello's picture
jef costello
Offline
Joined: 9-02-06
Aug 15 2018 13:19
Click on the poster's name and it will take you another page where "Send this user a message" should be an option. It might be that you didn't have this option because you had ben flagged automatically as a spammer by the software. That shouldn't be a problem. You can always starrt threads, again this might have been prevented by the spam software. You can talk about marxian economics, can't guarantee anyone will talk back smile
Steven.'s picture
Steven.
Offline
Joined: 27-06-06
Aug 15 2018 13:43
Explaining, thanks for your comment. As part of our anti-spam protections, unauthorised users can't send private messages or start forum threads until they post a request. We have now approved your account though so that should be fine