Larian Banner
Previous Thread
Next Thread
Print Thread
Issues with forum. #671208
29/07/20 10:05 AM
29/07/20 10:05 AM
Joined: Jul 2020
Posts: 2
Herbzmoka Offline OP
stranger
Herbzmoka  Offline OP
stranger

Joined: Jul 2020
Posts: 2
As a fan of the studio, and a gamer looking forward to BG3, I made an account here. Quite frankly I am pretty shocked by the sloppy security protocols implemented here.

I want to raise the following issues, ofcourse in the hopes that these will be fixed (and imo they should be!).

1) No https for the forums, seriously? I am on holiday in a less-than-privacy-friendly country, and my first thought was the govt was mass-MITMing public traffic. Imo this is below ANY standard.
2) Plaintext passwords in email? Are you kidding me? I don't think I need to explain this one.
3) Only 20 characters for the passwords? Should be expanded a LOT imo.

These things combined makes me think that the website might not have been kept up to date as well as should be.
And to think I only tried to register here to let my voice be known for a Linux version of BG3!
Pretty negative first post, I understand that but... I feel these issues had to be raised, and level up the website along with your game design!

I appreciate all the hard work you guys have put into your game(s) and would say, keep it up!

Re: Issues with forum. [Re: Herbzmoka] #671247
29/07/20 09:20 PM
29/07/20 09:20 PM
Joined: Mar 2003
Posts: 27,816
Canada
Raze Offline

Larian Studios
Raze  Offline

Larian Studios

Joined: Mar 2003
Posts: 27,816
Canada

There are plans to update the forum, including for better security (the main issue with changing the forum software is concern over reliably migrating all of the existing content, since 2003).
After emailing (admittedly not current best practice), the passwords are hashed and only the hash is stored.

Re: Issues with forum. [Re: Herbzmoka] #671308
31/07/20 02:07 PM
31/07/20 02:07 PM
Joined: Jul 2020
Posts: 2
Herbzmoka Offline OP
stranger
Herbzmoka  Offline OP
stranger

Joined: Jul 2020
Posts: 2
I am happy to hear that you are aware and agree things could be better! And ofcourse also that there is plans for improvement smile Admittedly 20 characters passwords is kinda 2000s laugh

That said, no SSL is imo really an issue, hopefully you'll take that along in the upgrade at least, even tho I really see no reason at all not to have a cert for anything these days smile

Last edited by Herbzmoka; 31/07/20 02:09 PM.
Re: Issues with forum. [Re: Herbzmoka] #673274
26/08/20 07:45 PM
26/08/20 07:45 PM
Joined: Aug 2020
Posts: 1
Turkey
Lanetolsun Offline
stranger
Lanetolsun  Offline
stranger

Joined: Aug 2020
Posts: 1
Turkey
Hello
Just created an account to point out https ;) And find my answer. You better hurry because with BG3 this forum will be much more crowded and that may also mean, active targeting by evil-doers.

Last edited by Lanetolsun; 26/08/20 07:45 PM. Reason: typo
Re: Issues with forum. [Re: Raze] #673417
28/08/20 12:35 PM
28/08/20 12:35 PM
Joined: Oct 2017
Posts: 30
D
Daniel213 Offline
apprentice
Daniel213  Offline
apprentice
D

Joined: Oct 2017
Posts: 30
Originally Posted by Raze

There are plans to update the forum, including for better security (the main issue with changing the forum software is concern over reliably migrating all of the existing content, since 2003).
After emailing (admittedly not current best practice), the passwords are hashed and only the hash is stored.


Implementing HTTPS is done on the web server layer, not on the forum software layer. It's a no-brainer and takes an hour to implement, at max. It's ashaming for Larian that they still use unsecure http in 2020.

Re: Issues with forum. [Re: Herbzmoka] #673424
28/08/20 02:00 PM
28/08/20 02:00 PM
Joined: May 2010
Posts: 3,982
The Frog & Hounds
vometia Offline

Duchess of Gorgombert
vometia  Offline

Duchess of Gorgombert

Joined: May 2010
Posts: 3,982
The Frog & Hounds
We are aware of the issue and I have escalated it. Unfortunately I am not able to implement it myself.


J'aime le fromage.
Re: Issues with forum. [Re: vometia] #673446
28/08/20 05:20 PM
28/08/20 05:20 PM
Joined: Oct 2017
Posts: 30
D
Daniel213 Offline
apprentice
Daniel213  Offline
apprentice
D

Joined: Oct 2017
Posts: 30
Originally Posted by vometia
We are aware of the issue and I have escalated it. Unfortunately I am not able to implement it myself.


Being aware of something, and actually fixing something are two very different things. I hope your escalation bears fruit. Thanks for doing so.

Re: Issues with forum. [Re: Herbzmoka] #674800
11/09/20 10:14 PM
11/09/20 10:14 PM
Joined: Mar 2003
Posts: 19,689
A
AlrikFassbauer Offline
veteran
AlrikFassbauer  Offline
veteran
A

Joined: Mar 2003
Posts: 19,689
The German-language chat forums seem to be gone ???


When you find a big kettle of crazy, it's best not to stir it.
--Dilbert cartoon

"Interplay.some zombiefied unlife thing going on there" - skavenhorde at RPGWatch
Re: Issues with forum. [Re: AlrikFassbauer] #674803
11/09/20 10:55 PM
11/09/20 10:55 PM
Joined: May 2010
Posts: 3,982
The Frog & Hounds
vometia Offline

Duchess of Gorgombert
vometia  Offline

Duchess of Gorgombert

Joined: May 2010
Posts: 3,982
The Frog & Hounds
Originally Posted by AlrikFassbauer
The German-language chat forums seem to be gone ???

They have moved! Much closer to the top now, in the hope that more people see they exist.


J'aime le fromage.

Moderated by  Larian_QA, Lar_q, Lynn, Macbeth, Raze 

Powered by UBB.threads™ PHP Forum Software 7.6.2