Suggestions for fixng website issues
8032 cr points
Send Message: Send PM GB Post
32 / M
Offline
Posted 11/4/17 , edited 11/4/17
Just a few things I wanted to suggest during your hack fix:

Don't store, send, and receive usernames and passwords in plaintext (use encryption).
Define a characterset so that it can't be exploited.
Don't announce that you're using an outdated verson of NGinx 1.10.3 and probably Ubuntu as well. Set your metadata.
Don't use Adobe Flash which has been disabled from so many browsers due to its security flaws.
Stop ignoring people trying to tell you such things because it's been over a year now that I've been telling you and this hack was preventable and any leak of users private data was also preventable.

If you feel like I'm trolling, forward this to your engineers and ask them why we're being ignored even now when something has happened. When all of these things were made known for over a year now?
Yes, people are upset, but removing these suggestions because you don't like them is irresponsible when it's a list of exactly what needs to be done.
121578 cr points
Send Message: Send PM GB Post
F / Boston-ish
Offline
Posted 11/4/17 , edited 11/4/17

D3m0n1q_733rz wrote:

Just a few things I wanted to suggest during your hack fix:

Don't store, send, and receive usernames and passwords in plaintext (use encryption).
Define a characterset so that it can't be exploited.
Don't announce that you're using an outdated verson of NGinx 1.10.3 and probably Ubuntu as well. Set your metadata.
Don't use Adobe Flash which has been disabled from so many browsers due to its security flaws.
Stop ignoring people trying to tell you such things because it's been over a year now that I've been telling you and this hack was preventable and any leak of users private data was also preventable.

If you feel like I'm trolling, forward this to your engineers and ask them why we're being ignored even now when something has happened. When all of these things were made known for over a year now?
Yes, people are upset, but removing these suggestions because you don't like them is irresponsible when it's a list of exactly what needs to be done.


I think you already covered this, or at least some of it, in your other thread Crunchyroll's recent failure which was moved to the Suggestions / Feedback forum, so I've closed this thread.

The Advice, Info, Recommendations forum in "Crunchy Connections" is for requesting things like personal advice and recommendations from other users, and responding to those requests. CR staff do not routinely look there. To make suggestions to Crunchyroll please use the "Suggestions / Feedback" forum in the "Help" section.

If any of what you wrote above was not included in your prior thread, then please feel free to edit your post in that thread to add to it.
You must be logged in to post.