pouët.net

Go to bottom

Good Bye Nectarine

category: general [glöplog]
Since I know, most of web servers are Linux (I haven't used nmap to check the OS that hosts nectarine.fr), and from long time ago /etc/passwd is shadowed. So, forget the idea of "plain text" /etc/passwd with password field in plain text, besides there is a very old OS running on nectarine.fr

By other hand, php uses its own databases with its own passwd, also mySQL (or whatelse) .. None of them uses plain text for passwd.

May be login/passwd combination was a silly joke. I don't think so.
added on the 2008-09-10 13:36:28 by Aeko Aeko
aeko > don't you realize that nectarine users don't have shell accounts on the server ?

so it's not /etc/passwd but stored in the db
Yeah, it did for sure use plaintext to store passwords.

At least, you could have your password send to you in plaintext in case you forgot it.
Can't see how thats possible if it isn't stored in plain.

If we're to ressurrect nectarine (and for me, it doesnt really matter what domain
it pops up on), I think we need more than money, we need to chip in and offer
assistance.

I know Yes decided not to put in the effort. But if he could direct some volunteers to do some of the work, i'd like to chip in some hours a week.

I'd also like to offer diskspace if there is any problem storing/backing up.

--BM
added on the 2008-09-10 13:39:19 by BombmanDK BombmanDK
BB Image
added on the 2008-09-10 13:54:33 by bill bill
who are this guys ?
added on the 2008-09-10 13:57:31 by esion esion
"the truth is out here" (x files guys)
added on the 2008-09-10 13:58:36 by bill bill
hum hum ...
added on the 2008-09-10 13:59:29 by esion esion
Moulders nerdy allies
added on the 2008-09-10 13:59:40 by BombmanDK BombmanDK
blague à part, it's really the nectarine dead ?
added on the 2008-09-10 14:01:16 by esion esion
Quote:
... so passwords were stored in plaintext?!

Nectarine was based on the SMF forum software which uses SHA1+Salts for passwords.
so far, yes
added on the 2008-09-10 14:01:46 by Axel Axel
With php accounts for sites like nectarine, you generally store a password hash only in the database for security. It's crackable (quite quickly if you have access to rainbow tables), but secure enough to put people off unless they're really determined.

Storing passwords as plain text is at best a kind of a lazy/convenient way of doing it (getting the password hash is all of one line), and it leaves a HUGE security hole.
added on the 2008-09-10 14:03:31 by psonice psonice
Axel, come to #scenemusic to talk with us about getting the nectarine data. there are enough people willing to help.
What network?
added on the 2008-09-10 14:08:09 by BombmanDK BombmanDK
IRCNet.
I can't because i'm at work (and they don't allow chats, IRC etc here). And I would like to talk to Yes first. We have quite a bunch of folks internally who would like to help too, but it all comes down to Yes. Once we know what his plans really are, we can plan ahead.
added on the 2008-09-10 14:08:22 by Axel Axel
Yeah, you don't have to come now... But if you're searching for people who want to help, come to the "channel with no website" at anytime :D
ok, excellent. We might need any help we can get. Also keep an eye on the Brainstorm website. Because currently we get a lot of questions there too and we'll post updates accordingly, and here.
added on the 2008-09-10 14:12:07 by Axel Axel
BB Image
added on the 2008-09-10 14:17:51 by esion esion
This is just googles database that still associates nectarine with a scene radio station.
Thus it displays those adds.
added on the 2008-09-10 14:21:44 by BombmanDK BombmanDK
Geia sou nektarini, gia sou xyme apo portokali.
added on the 2008-09-10 14:35:36 by Optimus Optimus
Saga: noone on #nectarine @IRCNET (us.ircnet.org) ??
added on the 2008-09-10 14:40:23 by BombmanDK BombmanDK
Sorry scenemusic .. my bad
added on the 2008-09-10 14:40:52 by BombmanDK BombmanDK
Kalh tyxh pagotini.
added on the 2008-09-10 14:43:00 by Optimus Optimus
I don't get no bouquet-page here in Sweden but the site down message posted by Yes...
added on the 2008-09-10 15:14:13 by El Topo El Topo

login

Go to top