PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Change in organization of forums for DC19 contests, events, social gatherings, and parties.

The list of all of these in one container was too much, so I have organized these into groups:

* contests
* events
* parties/social gatherings
* other

A new addition "parties/social events" will likely be growing, as I am planning to populate it with forums for parties at Defcon, and then populate these with one or more posts with links to online resources provided by the people that are running these parties. Many parties have moved to use twitter or host content about their party on website, or form facebook groups. I am not forcing organizer of parties to use these forums, or telling them should not use them either. I plan on have forums for each so we can direct people visiting the forums in the right direction to get the information they want about a party or social event.

I am fine with these forums existing even if nobody posts to them, and if people want to post to them.

Hopefully, over the next month or two, we'll get information about parties so we can make forums for them with links to online resources provided by the people that run these parties.

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

DT convinced the mail server to deliver mail from the forums out to you all, so email registration and notification should now be working. You should be able to sign up for forum accounts using email, reset your password by email, and get notifications on threads you have subscribed.

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Added new forum for *unofficial* HackBus event:

[forum=571]HackBus[/forum]

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

That sounds great! I am getting tired of performing manual email validation for new users, and addressing password reset requests by email.

IN other news,I've created a forum for DCTV:

[forum=570]DCTV[/forum]

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Tonight or tomorrow night we should have the email fixed again as well.

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

This was done in stages. First, we offered both http and https access to the forums, and I setup an image with red text to let people know they were stupid to use http. Clicking on the image location for http or https would toggle back and forth between http and https, but when leaving https for http using this method, an additional warning appeared.

Once we had https support working for a long time without problem, I stopped http service to forums, denying login, or credential passing (except cookies) and removed all web software from the "http" root, replacing it with a few scripts and text files -- none of which should ask for cookies. This message also directed people to email us ay defconforums@gmail.com if they had trouble with https-only forums. (This is something I worried about, especially on phone-browsers at the time, and search engines that crawled the web.)

We had that message for a year or more, and no email complaints. Additionally, search engines still crawled the forums.

Then this came up: https://forum.defcon.org/project.php?issueid=33

I really do like working with forum members that suggest new ideas when the ideas are liked by mods, too. Most of the idea I've implemented here were not thought of by me, but by mods, or other users. Shortly after that, we did away with the error page (not really) and forwarded people to https.(The error is still there, but with a meta refresh time of zero, most browsers will not even display the error for users to read before going to load the site by https.)

Then there was server failure (probably the motherboard) around March 8, 2011, and a rebuild of all web service. After reconfiguring everything I started looking for things that were still broken, and the http-to-https forwarder was broken because I never installed the files for it. That should be fixed too. We should now be forwarding http to https on connection.

Anything else broken other than mail? (To fix mail, DT or another sysadmin needs to configure a mail server to allow the new forum server to send mail out to users.)

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

in a conversation with someone recently, i brought up the topic of "forced" HTTPS and how i like it when sites don't give people an option to be insecure (and how i wished more webmail providers, etc. would do that)

to show them a direct example just now i hopped to http://forum.defcon.org but it seems that the old "you should use HTTPS, you douce" message (i'm paraphrasing) is no longer there and one can get clear-text forums access.

when did this change take place? was it intentional?

[EDIT: strange, either i read the screen wrong or the system isn't doing the same thing anymore. heh, since i am never wrong about anything i'll have to assume it was a momentary glitch on the server. ;-) now it just passively forwards people to the HTTPS site. all's well with the world.]

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

It looks like I've fixed the uploading of avatars, so they now work on the new server.

There are still limits on filesize of avatars uploaded, types of images supported, size of images (pixels wide x pixels tall), and most users are not allowed to upload animated gif.

Avatar selection is disabled for lurker (L1), but should be active for L2, L3, L4, and Forum Leader-Organizers.

Other than mail for password reset and creating new accounts, what else is broken?

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Forum created for unofficial event "[forum=568]Pre-Defcon Party[/forum]" and kallahar's thread on this subject has been moved there with a permanent redirect to the new location in the forum.

Forum Description:

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

AlxRogan dropped mod privs a while back because he wasn't going to be around for a while. (Mods have privs because they moderate. We don't keep "vanity mods.") Now that he has time again to mod, his mod privs have been restored.

Welcome back AlxRogan!

Seasonal mods Pyr0 and Russ have had their privs restored because they are here more often as Defcon approaches. They drop privs again shortly after Defcon.

Welcome back Pyr0 and Russ!

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

I received word from the forum user that provided official announcements for this contest last year (Vulc@n), that the same group that ran this contest last year is working with DT to bring it back again this year at the Rio.

The forum user vulc@n (UserID:24343) is who you should listen to on the forums for official announcements. Anything posted in the CTF forum about the CTF not from this user should be considered suspect of attempted social engineering, or disinformation.

Description provided for this year:
Forum created: [forum=566]CTF[/forum]

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

I just got confirmation from Pyr0 (UserID 64) that BluKnight (userID:26) will be running SkyTalks this year. BlueKnight has let me know that the event SkyTalks is indeed, ON, and provided a new description for it.

As a result, a new forum has been created for this:

[forum=565]Skytalks[/forum]
Enjoy!

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

From twitter:

And after being asked about it coming back after missing DC18, but being present at DC17:
As a result, I have [forum=564]made a new forum for this event[/forum] and imported the name, description and site URL from Defcon 17. Some of these will likely change once more information is provided. For example, maybe the name will be changing to "Hack Fortress" as suggested by the first tweet.

Followup:
He sent me an email with the updates, and I have updated the name as requested to "Hack Fortress" and it has a new description, too:

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

I have completed this dialog with a few people since announcing this. I will be manually composing email messages to other people that have requested forum accounts since this hardware failure and move to a new server. Those messages should go out later today.

Another admin that manages the mail server has not been available on-site to make the required changes to fix email relay through that server, and there is no ETA for this. I continue to address this through a manual process, which is slower.

Apologies for the delays caused by this.

Re: PUBLIC-NOTICES: Forum Changes/Fixes. Any Questions?

Down times for forums with this work on software only lasted 5 minutes for each server (pics and forums.)

Scheduled maintenance of production servers should now be complete unless problesm are found or reported.