A
Administrator
Guest
Hello APS Members,
I am regrettably and apologetically posting about the recent security flaws with our site. After a great deal of investigation and frantic panic we have found the flaw which allowed the contents of the Moderator's forum to be leaked onto the Internet.
The flaw had to do with the way permissions for banned members were handled. Banned members by default have "read only" access on ALL forums. Unfortunately, read only permission is not good enough for the Moderator's forum and for missing this I am deeply sorry. This system is very new to me (as it is to you) and this was a mistake on my part which was simply missed.
I hope all members understand what they have or will read on the aforementioned site - moderators have a tough job patrolling the forums and obviously need a place to voice concerns about members. Moderators do their best to be impartial, but are only human (and as you can see, being human is what has lead to these problems, not to mention the subsequent discussion). They only talk about other members when there are problems and when it is necessary, not for their own amusement or motives.
I would also like to add a thank you to the member who was extracting the posts from the Moderator's forum and placing them on the Internet - your carelessness in doing so was what helped us find this vital security flaw.
Once again, I apologise and hope that you all understand.
Yours
Adam
I am regrettably and apologetically posting about the recent security flaws with our site. After a great deal of investigation and frantic panic we have found the flaw which allowed the contents of the Moderator's forum to be leaked onto the Internet.
The flaw had to do with the way permissions for banned members were handled. Banned members by default have "read only" access on ALL forums. Unfortunately, read only permission is not good enough for the Moderator's forum and for missing this I am deeply sorry. This system is very new to me (as it is to you) and this was a mistake on my part which was simply missed.
I hope all members understand what they have or will read on the aforementioned site - moderators have a tough job patrolling the forums and obviously need a place to voice concerns about members. Moderators do their best to be impartial, but are only human (and as you can see, being human is what has lead to these problems, not to mention the subsequent discussion). They only talk about other members when there are problems and when it is necessary, not for their own amusement or motives.
I would also like to add a thank you to the member who was extracting the posts from the Moderator's forum and placing them on the Internet - your carelessness in doing so was what helped us find this vital security flaw.
Once again, I apologise and hope that you all understand.
Yours
Adam