I quite like waffles.fm. The SQL injection attack on what.cd last night has me a little worried about them, but I guess it's a beginner's mistake that they will learn from. Hopefully so will waffles. These sites are barely a few weeks old, so I applaud the progress they have made in this short time. Many of the features that were present on OiNK have been implemented in some form, and the staff are beginning to settle into a routine. Both have a good user base and the users are busy linking their collections. I sincerely hope both sites do well, they've got some big shoes to fill.
Edit: I'm hearing reports that What.cd is suffering from another SQL injection attack. Be extremely careful if you plan on visiting.
Edit 2: The SQL injection attacks continue. This doesn't bode well for What.cd:
Edit 3: I'm not Paine, I'm azc. The clue is below where it says "POSTED BY AZC". Hope that clears up some confusion.
Thursday, 8 November 2007
65 comments:
What? Why such a change of heart?
Ehm?
But... I like Paine's postings! :D
But fair amount of love to both sites...
what<3
waffle<3
now... let the friendship begin! xD
Noobs. :(
Seriously, the first thing to do when making a new site is to make sure input is properly filtered. :(
Ugh, one of the first things to do when securing a site is to make sure input is properly filtered. Noobs. :(
Hmmm.. sudden change of opinion?
Then again, yeah, you were provoked.. but I don't know why you went specifically for Waffles.
They aren't being attacked, they're upgrading their servers.
Posted by azc at 19:57 7 comments
Paine didn't post this
ah see this is nice, everyone is for the music again
I want both sites to be prosperous. Why can't both sites co exist in harmony? Why is that such a far fetched idea?
What's the latest on the invite situation at Waffles.fm? I sent off an email before it started and knew it would take a while for them to reply to all the emails they would receive. I was initially lurking in the IRC channels to keep up to speed with it all, but nothing seemed to be happening so I haven't been bothering recently. So should I hold out for an email or am I going to have to go on an invite-begging quest sometime soon?
yeah guys, paine isn't the only contributor for this site so don't get confused about why it seems to be a change. It isn't a change, it's a post from azc, not paine.
So I'm still a bit confused on how an OiNK power user is able to get into either of these "amazing trackers", what with Waffles invites being held onto as tightly as the last bump of coke at a high school prom party, and with legitimate what.cd invite codes not working.
Other sites that were open a bit longer (like funkytorrents) aren't exactly stable... 504 Gateway timeouts 3 out of 4 times I try accessing the site.
fairweather fan eh?
azc posted this guys, Paine isn't the only contributor
chill out, I'm glad another contributor posted their own opinion
Erm, is Paine still a contributor on this blog? I don't see him/her on the list of contributors.
nice to see a level-headed comment on the situation
I like Waffles, too, and I'd like it even more if I were actually a member.
I sent my email containing proof of my OiNK membership (I joined in the beginning, before open registration closed) on October 30th. When I got no response, I re-sent the same message from a different address; that was at least 4 days ago. Neither of the addresses I used were Hotmail or Yahoo!.
I understand there are a ton of people asking for invites, and only 1 or 2 people to deal with all the messages. I'm not trying to sound ungrateful, but it's getting frustrating hearing all this hype about Waffles and not being able to join. It feels like I'm being ignored. I was never a top 10 OiNK member, but I wasn't a leecher either – I had my Power User+ status, the 1.2 share ratio to back it up.
All I'm saying is, I hope this situation gets resolved so that people aren't stuck begging for invites on IRC.
yeah they got attacked again. goatse this time. they caught it much quicker this time though, and shut down the site with a BBS message (although it did say they were switching servers at first, until they got to it to change it).
earlier today they had posted an apology about the SQL injection and asked users to report any vulnerabilities privately.
the images don't upset me all that much. the fact that some sophomoric prank has to shut down a site for hours and hours does.
hmm, bi-polar much ?
love the waffles already.
You guys are pretty dumb for missing the fact that Paine didn't make this post.
As for the SQL injections ... really weak. I've had worse shocks from a potato.
this is azc not paine.
i hope that what learns from this and SANITIZES ALL USER INPUT!
i'm still going to wait for boink to come out, at least we know for sure that TPB is somewhat competent.
i actually am with roddie. i sent in my "proof" but i'm not sure if i may still be getting allowed in or if i need to look around for invites.
What exactly does a SQL injection mean and why shouldn't I visit?
azc you are my hero
Or a fair amount of hate to both sides anyway.
I think he's just screwing with us. I love Paine. Don't ever leave us.
Yeah i am seriously lacking an invite on waffles.fm as well. i NEED it. How does one go about getting it? I've always been the one giving the invites so this is a new thing looking for them :)
Haha. Paine, you're a pussy sellout. Yesterday you posted that you hated waffles and today you like it. WTF. Please end yourself.
I like Waffles, because I'm in Waffles and not What and therefore couldn't make a valid comparison.
what.cd --> RIIA
a message appeared on the main login page of all members, saying that riia have all the information of members of the database and will proceed for terminating pirates who registered there. go ahead and delete your accounts!!!
sorry guys but i'm not sure on that -> can i be a member on waffles.fm if i was a member of oink?
is the attack you're talking about the message about the riaa/piracy/oink?
http://img85.imageshack.us/img85/1773/piracyci4.jpg
Wait . . . so is the SQL-injection attack causing that weird piracy is illegal thing?
Sentence? what sentence? nobody has ever been jailed for downloading afaik, only fined.
it's a bad joke..
it's changed to redirect to 2girls n cup to meatspin now
yes.
srsly someone needs to stop these pranks.
Ok, some people...how do you even get up in the morning?
In any event..looks like what is having to do some fast growing up, sucks for them but that's where it's at. Ironic though, that with said weaknesses on a site you could argue that even a user database doesn't prove anything since anybody could manipulate that as well, with proper knowhow.
Oh well.
For the record, I prefer the layout and functionality of waffles to what, but both are decent sites, and political sniping aside, there should be no reason not to support both sites. *nothing* is gonna be oink for a very long long time, so people should just chill out and accept what is presented at face value, nothing more, nothing less.
Again, My 2c.
Ameneon@Oink.
how serious is this?
rofl @ the moron calling it the riia, and also believing it.
The person/persons doing these SQL injections are furthermore proving they have no life, and are pathetic little shits.
Probably, someone has mentioned this before.
I am NOT jimmy, but his idea is nice. Here is how you can find mp3s on google:
http://www.jimmyr.com/mp3.php
That's what i did with oink. Just queried an mp3 name...
No one cares whether any of you faggots got or need invites, stop spamming every single topic with your pathetic whining
aaw..i still remember the day you invited me to OiNK :D
long time no see.
i don't like waffles though.
it's a ballus lixxus deluxxus :O
(mature ?) enyhows.
oh yea, if you see madstylin, tell him i said hi!
mamamamamamammaadstyylin
come back paine, youre the only one i trust on the intarnets
I'm assuming it's not really anti-piratical folks that are attacking what. It's fucked up that people from our own community are attacking it. I know, let's have people from waffles attack what and people from what attack waffles and if they're all really successful we'll have NO good torrent sites. Or instead, let's NOT have TWO good torrent sites.
What the fuck, is it about your penis size, or is it about getting good music? What happened to the hydra?
Invite begging gets you nowhere when invites are closed.
Lol @ what.cd
I'm glad i deleted my account there a couple of days ago. Also, i never used the account I had. :)
is Paine no longer a contributor on his own blog?
Posted by azc at 19:57 12 comments --- I didn't notice it at first either. Not the same blog poster. It's kind of odd that Paine lets people of other opinions post on teh paine blog. Hmm, anyway, cowabunga dude.
so there is light after all ...
It's sad that some people apparently just hop on a computer for the first time and managed to find this site/use torrents..
The screenshot appears to show a cross-site scripting attack, not SQL injection.
XSS is considerably harder to defend against, and I very much suspect almost every tracker out there has an XSS vulnerability somewhere.
This is said as someone who is a member of neither waffles or what.
FYI invites will be open today at 5pm EST for the first 2500 users
i have to admit, i'm getting pretty fucking sick of what.cd crashing every time it goes up. fucking site goes down more often than every slut in highschool put together.
So if I turn off JavaScript, I'm not affected by the cross-siting/injections on what.cd?
mm. what.cd refuses connection
but the tracker doesn't
someone can explain?
what is fyi?
I know this site isn't meant for this...
But...
Are invites being sent to all former Oink users, from Waffles ???
I'm Hurtin w/out the pink palace (just like everyone else), sorry to sound so pathetic.
I wish everyone the best.
Sorry but are you OiNK himself?? or just an amateur / oink lover???
For Your Information
Haha, what has been offline pretty much the past 3 days.. how pathetic..
Long live delicious food! That's what you got for disagreeing with me on what is better, as in X360/PS3, what/waffles, ketchup/mustard, Edam/Gouda. :)
Also, astmatik, lol, lern2usewikipedia/urbandictionary/google?
waffles is really good. i encourage all former oinkers to seek invites there
FYI = For your information
what.cd is down right now, because it's much easier to make a site more secure without forums & irc channels being flooded with "omg wtfux da riaa is after us gtfo" fucktards.
Patience is key.