Again - please, web master, fix the attack site stuff

[RWood]

???Just now logged in with no warning???

[gui_tarzan]

I just logged in and still get the warning. I also PM'd Allynmey a few days ago and haven't heard back yet. I don't expect to, but I offered my help as well if he wanted it.

We'll see.

[dkochan]

I have been logging in for a few days with no warnings on my ipad. The warnings went away after an ios upgrade. I am still seeing warnings on my other devices, including my iphone. I have no idea.

Treating it as a glimmer of hope.

[Leo_Gnardo]

???Just now logged in with no warning???

0940 EST, warning back.... google must have been taking a nap. Let's not celebrate too soon.

0900 log on , no warning. PHOOEY.

[dkochan]

I have been logging in for a few days with no warnings on my ipad. The warnings went away after an ios upgrade. I am still seeing warnings on my other devices, including my iphone. I have no idea.

Treating it as a glimmer of hope.

[R.G.]

One of the things I learned late in life that would have been very useful earlier is this:

Humans are logical - if unpredictable and error-prone - creatures. Whenever a human or group of humans consistently do things that make no sense to you, it's mostly not because they're stupid or incapable. It's because you don't know all the rules they're working under.

The owner of the servers that TAG is on is not doing the fairly simple steps to get google to delist it as an attack site for good and sufficient reasons to him/her. These may or may not be reasons that make sense to you, given where you are, but they do to the owner.

These could include:
- not knowing how to fix it
- resenting google for ever causing them this problem
- not wanting to take the time to fix this irritation
- having much bigger and more pressing fish to fry
- just not having it on the radar
- not wanting the resources used by this freely donated web site to get bigger or be as big as they are

There are many possibilities, including ones that none of us know or could even imagine. Only one person really knows what the actual reason not to fix it is.

And that is perfectly OK - it's their resources that they're giving away for free. They can choose what they want to give away free, all the way down to zero. We have no claim on their generosity.

[gui_tarzan]

I got an email back from Allyn today. He stated that he has in fact put something in place that is supposed to help remedy this situation, but Google is not being as cooperative as they should.

Let's keep our fingers crossed that this will be resolved, and just know that Allyn is trying to do something about it.

[martin manning]

That is good to hear, and let's hope that the forum can recover from this episode. The number of new members has been way down, and flat at around 20/month since the hack.

[R.G.]

As I said above, getting results that don't seem to make sense are a reliable indicator that you don't know all the rules.

I strongly believe that I don't know all the rules in this situation.
- In my (limited!) experience, erasing all the malware links and asking for a re-scan resulted in google removing their alert within 24 hours. Since that has not happened here, I can only conclude that the simple path (i.e., remove the compromised files and ask for a rescan) cannot be done for some unspecified reason.
- Allyn told us that one of the big issues is that the passwords to the database have been lost, and that they're working with a php techie to find/change/hack the databases (??) to not lose the forum database. This is good.
The logical conclusion from these data points would seem to indicate that the task of remove the funny files and rescan cannot be done for some reason related to the old databases.

My reaction to an errant database is to dump it all, or as much as possible, create a new copy that I do have the passwords to, and go from there, possibly retaining the old one in stasis somewhere while I figure out what else to do. Even if I could only access the old database a record at a time, I'd put a bot on it from a slave PC, pulling out a record at a time and stuffing them away somewhere so the records can be reassembled. If at least that can't be done, the old database is already lost, and so it's a recovery (as opposed to rescue) operation.

I suspect that google maybe is not being as cooperative as it could about some subtlety about the lost-password databases. Could be, I guess.

Or something else entirely. No way to tell.