Saturday, April 9, 2011

Forum fuckups

Well, looks like CCP managed to screw up once more.

On the one hand I can be sympathetic. No piece of software is without bugs... That being said, some of the bugs exploited in here seem to reveal some gross ignorance of basic web app security. Ie, don't trust the client...
It's like, extremelly basic, web programming 101, totally stupid, retarded, ... no words...
There's not enough facepalm pictures out there to convey the enormity of the fail... It's mind boggling...

Now, Catari found the issues and reported them. It is my understanding he found them after the forums went live. Which means the devs had less than 24 hours to fix the issues before he went public. At that stage everything went downhill...

Reporting bugs to get fixes in place is one thing, showing off about CCP fucking up and making the situation worse in the process is another.

I've been asked "what is the CSM's position on this".

Well, there's no position to be had. Epic fail is epic fail.
I don't think we need to convince CCP that they need to tighten the security of the forum, or convince them to devote more resources than they are on it. We'll be certain to tell them in no uncertain terms what we think of that quite blatant lack of professionalism, but as much as bashing CCP is a popular sport on the forums, it's really not an interesting place to put oneself in if one wants to have a dialog (well, sometimes it is, but not in this instance).

In other news, cooperation and dialog with other CSM members still doing well. We're still all trying to get on the same page when it comes to positions on different topics, after initial discussion about its content, Mittani produced a draft of our first public announcement, a few members gave feedback in terms of form and content, all were incorporated into the latest version.

It's going pretty well I would say.

No comments:

Post a Comment