Search results

Passwords aside - that's a lot of names/emails/physical addresses that just got leaked.  Those folks won't be happy.

It's an old file, from back in the <4.* days.  I find it very hard to believe that they would take a secure, working file and replace it with such a massive security hole - so there's every reason to assume that all WHMCS versions are affected.

David's working on a fix now, from the hotel lobby.

The file in question is an old one, pre 4.* days.  I can't imagine they would replace a secure, working file with the atrocity there now, so safest just to assume all versions are affected.

Nah, go for it, I don't mind.

Yes, this is confirmed.  After seeing the... utterly incompetant coding practices, I wouldn't trust just using Maintenance mode.  I ripped down our entire install and just put up a placeholder for now.

http://localhost.re/p/whmcs-527-vulnerability tl;dr - A rather gaping security hole in WHMCS.  I've taken ours offline - strongly suggest other providers do the same.

True, but given that a CC "provider" likes to claim 'I've seen your racks, I know what you have'... I imagine hilarity would ensue if they tried to make an issue of whoever took that pic.  Hypocrisy always makes for the best drama.

http://www.reddit.com/r/SilkRoad/comments/1nl7p9/sr_shutdown_fallout_discussion/ And now I have this overwhelming urge to listen to Bobby Fuller.

My stance was always about preventing repeat offense.  New clients get the benefit of the doubt;  one of my primary goals was preventing someone that had been terminated for.. spam, for example, to stay on topic.. from just opening a new account and going at it again.  Our SBLs were a bit of a...

Ah, so it seems.  My apologies, looks like I was a bit out of the loop on this one.

Issues like this are why I pushed for QC when it came to accepting new signups.

If you own a domain, you can register a gApps account for free.  Free gApps accounts can currently have up to 10 users and (seemingly) unlimited aliases/domains/etc.  If you don't mind their disregard for privacy, it's a reliable enough solution.

Hey now, tragedy can be amusing too :P

Spend some time working with Anthony.  He makes tickets a LOT more fun :3

I do, aye.  I handle pricing and contracts for this region, as well as fill the local IT role.

We use something very similar at Coke - but it's all in-house.  I wrote the actual tracking and calculations, but not really sure what advice if any I could give on the subject.  I don't have any recommendations as far as third party =\

This moron.  I worked for Fran voluntarily for years - he had to force me to start accepting wages.  We're practically family - it's never been about the money.

The fact that this thread made it to five pages tells me it's all opinions and no solutions.  FFS people, let it go - on both sides.

It's worth noting that a few of us left LE* before any of that CC drama came about.  The whole community was going to shit after LEA stepped out, and it quickly turned into a place where being associated hurt your reputation more than helped.  I could care less about CC owning/running a forum...