# Loss Of Data



## Admin (Mar 16, 2012)

Dear Rollitup Users,

We at rollitup would like to extend our sincerest apologies for the recent downtime you have received. An SQL injection attack hit our server early in the morning causing a lot of our posts to be overwritten and the site was then redirected. As a result the complete backup that we have is from 20-2-2012 and this is what we had to restore from. We were able to however re-import all the users that have registered in the past month back into the system. But I regret to inform you that the post and threads are not recoverable. 

Although we have removed the lines of code that opened us to this SQL injection it pains me to say that we lost a month out of rollitups history and I only ask that you bear with us while we recuperate. 

Now you may be asking why we only had a backup from February. This is a good question, with a site such as ours data is our friend but it can also be our enemy. We do not like to transport our live data through the lines of the internet for just this reason, so when we do backup our data we make sure that we only get the pertinent information from the files before we shut the doors and lock them again. However as you can see this is a double edged sword.

As I write this letter our admin and coding team are putting together safe guards from this happening again.

I would ask that all comments and questions be limited to this thread only rather than being spread throughout he forum.

Once again I do apologize for any inconvenience this has caused you and we hope that you still hold us in high regard and trust. 

Best Wishes,
Rollitup


----------



## scroglodyte (Mar 16, 2012)

thanks for getting it back up. haters blow.


----------



## darkdestruction420 (Mar 16, 2012)

This is awful. Not blaming anyone on the site of course. Thanks for fixing it and doing your best. It's the ones who attacked the server who are to blame but it doesnt change the fact this does kind of suck.


----------



## JohnnyGreenfingers (Mar 16, 2012)

The time stamp is an hour off.


----------



## dura72 (Mar 16, 2012)

ah well life is all about struggle i suppose. as gary glitter said 'its good to be back'....i dont often quote Gary Glitter......wonder why.


----------



## Carne Seca (Mar 16, 2012)

I wonder if this has anything to do with the recent mod melt down? What was his name? Kevin? Eric? dumb fuck?


----------



## SketchyGrower (Mar 16, 2012)

That was shit-tastic! Thanks for the information


----------



## tonyeltigre (Mar 16, 2012)

I dont see a purpose in hacking/attacking this site... Unless your trying to bust people.... fucking creepy


----------



## Gamer621 (Mar 16, 2012)

tonyeltigre said:


> I dont see a purpose in hacking/attacking this site... Unless your trying to bust people.... fucking creepy


Does there have to be a reason?


----------



## Admin (Mar 16, 2012)

It was not just us, it was a wide spread hack across thousands of vbulletin websites.


----------



## tonyeltigre (Mar 16, 2012)

Gamer621 said:


> Does there have to be a reason?


other than putting everyone's info out in the open, an ruining lives... yeah,,, that might be a reason


----------



## tonyeltigre (Mar 16, 2012)

admin said:


> It was not just us, it was a wide spread hack across thousands of vbulletin websites.


interesting


----------



## Zoltan44x (Mar 16, 2012)

I dont know if this is "VBulletin" related but I hate this software. Heavy, unreliable and unstable.


----------



## ImAgIaNtInDaGrOwWoRlD (Mar 16, 2012)

All my pics are gone!?!?!? I have other peoples posts in my latest posts!!! Everything on my account is fucked up!!!! WHEN IS THIS GONNA BE FIXED!?!?!?!? I want to get my account back!!!!!!


----------



## Gamer621 (Mar 16, 2012)

imagiantindagrowworld said:


> all my pics are gone!?!?!? I have other peoples posts in my latest posts!!! Everything on my account is fucked up!!!! When is this gonna be fixed!?!?!?!? I want to get my account back!!!!!!


lol..........


----------



## ImAgIaNtInDaGrOwWoRlD (Mar 16, 2012)

Why is that funny? IM PISSED!!!!!


----------



## irishstonedscouser (Mar 16, 2012)

Omg sh** the bed!! Gotta start all over again grrr &#128549;


----------



## Soursmokey (Mar 16, 2012)

My grow journal is lost..wtf! How do we know this wont happen again..? Fuck let me roll something up to this!


----------



## ImAgIaNtInDaGrOwWoRlD (Mar 16, 2012)

And* where and who *has all our information and I.P addresses now?!?!?!?!?


----------



## ImAgIaNtInDaGrOwWoRlD (Mar 16, 2012)

tonyeltigre said:


> other than putting everyone's info out in the open, an ruining lives... yeah,,, that might be a reason


*So all our I.P addresses are now open to the public???????!!!!!

*


----------



## racerboy71 (Mar 16, 2012)

ImAgIaNtInDaGrOwWoRlD said:


> *So all our I.P addresses are now open to the public???????!!!!!
> 
> *


 where do you people come up with this shit?? really...


----------



## Ilovebush (Mar 16, 2012)

At least it's back up...phew!!! I was just starting to get comfortable...I'll smoke to that


----------



## tryingtogrow89 (Mar 16, 2012)

I hope you all had ip blocker.


----------



## tet1953 (Mar 16, 2012)

Calm yourself, ImAgla. Jeez

Shit happens. I have a question for you: Where are YOUR backups? Hmmmm?


----------



## NLXSK1 (Mar 16, 2012)

Did anyone else get a hacked e-mail from this site?


----------



## tet1953 (Mar 16, 2012)

NLXSK1 said:


> Did anyone else get a hacked e-mail from this site?


Nope not me. You mean an email to your email addy (not a site msg)? What did it say?


----------



## racerboy71 (Mar 16, 2012)

nope..........


----------



## NoGutsGrower (Mar 16, 2012)

tisk tisk RIU... hope it doesn't make the site RIP...


----------



## racerboy71 (Mar 16, 2012)

NoGutsGrower said:


> tisk tisk RIU... hope it doesn't make the site RIP...


 wtf is the big deal really?? ffs, even sony got hacked.. shit happens, it's the interwebs, lots of bored fuckers looking to fuck shit up.. no biggy imo, move on..
so we lost a month of info, could have been a lot worse imo..


----------



## NLXSK1 (Mar 16, 2012)

tet1953 said:


> Nope not me. You mean an email to your email addy (not a site msg)? What did it say?





> *[email protected]* [email protected]
> 
> 10:40 AM (17 hours ago)
> 
> ...



That is the e-mail I received


----------



## phishtank (Mar 16, 2012)

Just so you guys have a better understanding of what happened....someone found an exploit in vbulletin and manipulated the hell out of it. It could have been for many reasons....but usually the guys that do this shit do it for their own self satisfaction. If I was to do something like that it would have been for monetary gain. Take a bunch of forums...exploit vbulletin...redirect to site with ads or forced installs...make money. It wasnt the government...no one is out to steal your information. If you want to blame anyone...blame vbulletin for having too many holes in its forum software.


----------



## racerboy71 (Mar 16, 2012)

phishtank said:


> Just so you guys have a better understanding of what happened....someone found an exploit in vbulletin and manipulated the hell out of it. It could have been for many reasons....but usually the guys that do this shit do it for their own self satisfaction. If I was to do something like that it would have been for monetary gain. Take a bunch of forums...exploit vbulletin...redirect to site with ads or forced installs...make money. It wasnt the government...no one is out to steal your information. If you want to blame anyone...blame vbulletin for having too many holes in its forum software.


 omfg, someone with half a brain chimes in.. thank you...


----------



## really comfy slippers (Mar 16, 2012)

I was redirected to a anonymous political page, looking for pledges... Yesterday right before, people were posting about receiving emails from these people from there account which was exclusive to RIU... Safe to say they received all of our info


----------



## racerboy71 (Mar 16, 2012)

really comfy slippers said:


> I was redirected to a anonymous political page, looking for pledges... Yesterday right before, people were posting about receiving emails from these people from there account which was exclusive to RIU... Safe to say they received all of our info


 omg, oh no, some random person has some made up email addy that i used to register to this site with.... ahhhhh, run for my life, lock the doors, lock the windows... put the plants in the trash compactor...do it now...


----------



## Harrekin (Mar 16, 2012)

Didnt everyone start a seperate email account for this site unrelated to their real identity?


----------



## H R Puff N Stuff (Mar 16, 2012)

I'm just glad r i u is back up.


----------



## racerboy71 (Mar 16, 2012)

Harrekin said:


> Didnt everyone start a seperate email account for this site unrelated to their real identity?


 well, duh, lol.. i know i did.. i have so many email accounts for this and that that sometimes i don't even remember them all, lol...


----------



## deprave (Mar 16, 2012)

I delt with this vbulletin hack all day as I am a server admin by profession and I don't blame your staff for that at all even if it was not a new hack people get hacked everyday I probably deal with 10 sites getting hacked. However, I have to say I am very disappointed in your staff that the backups are so old. Why is there not a cron job to backup a site as popular as this or mirror it daily? I would like to volunteer my help with mysql replication setup and backups. I know you don't care but if the backup issue is not fixed I will honestly just stop visiting this site so much and probably rarely post here at all even though I have been a daily contributor for quite some time, I will just spend my time on my own sites as I probably should be anyway, at least I know its backed up.


----------



## phishtank (Mar 16, 2012)

really comfy slippers said:


> I was redirected to a anonymous political page, looking for pledges... Yesterday right before, people were posting about receiving emails from these people from there account which was exclusive to RIU... Safe to say they received all of our info


If anonymous was the one that did it...the last thing they would want is all of your personal information....nor would they give it to anyone. Their whole goal is to get out and spread their message. They might have snagged e-mails and spammed out a bunch of emails to you guys....but have you yet to see in the news that these huge companies being hacked have actually had vulnerable information that could have been obtained actually used in a negative way? Way to paranoid....if anything you should be on their side. Fck the government...Fck large corporation...Fck exploiting the average working man for profits.


----------



## racerboy71 (Mar 16, 2012)

phishtank said:


> If anonymous was the one that did it...the last thing they would want is all of your personal information....nor would they give it to anyone. Their whole goal is to get out and spread their message. They might have snagged e-mails and spammed out a bunch of emails to you guys....but have you yet to see in the news that these huge companies being hacked have actually had vulnerable information that could have been obtained actually used in a negative way? Way to paranoid....if anything you should be on their side. Fck the government...Fck large corporation...Fck exploiting the average working man for profits.


 can't wait for the like system to get back up and running...


----------



## NLXSK1 (Mar 16, 2012)

> .if anything you should be on their side.


Yes, we should be on the side of people who just wiped out a month of data. That sounds reasonable....

Um...


----------



## NLXSK1 (Mar 16, 2012)

deprave said:


> I delt with this vbulletin hack all day as I am a server admin by profession and I don't blame your staff for that at all even if it was not a new hack people get hacked everyday I probably deal with 10 sites getting hacked. However, I have to say I am very disappointed in your staff that the backups are so old. Why is there not a cron job to backup a site as popular as this or mirror it daily? I would like to volunteer my help with mysql replication setup and backups. I know you don't care but if the backup issue is not fixed I will honestly just stop visiting this site so much and probably rarely post here at all even though I have been a daily contributor for quite some time, I will just spend my time on my own sites as I probably should be anyway, at least I know its backed up.


If you had bothered to read the post on the support forum you wouldnt have written this.


----------



## deprave (Mar 16, 2012)

well I noticed the site they linked jalink was also already hacked when I plotted to take revege and ran a hail mary attack. I assume the site we were being linked to is being made to look bad because they are already hacked yet their website is left in tact.


----------



## tryingtogrow89 (Mar 16, 2012)

Beware for it is the ides of march.


----------



## ganjames (Mar 16, 2012)

admin pretty much just created time travel... we just went back in time.

this is some nobel prize type shit.


----------



## deprave (Mar 16, 2012)

NLXSK1 said:


> If you had bothered to read the post on the support forum you wouldnt have written this.


 This is my reply to that post, do you know where you are?


----------



## AWnox (Mar 16, 2012)

No worries RIU, I have a vb site as well and DDoS attacks are the norm it seems. One time I had to restore a backup that was 6 months old; you can imagine the outrage by the members. I feel your pain guys, don't worry about it though, words can be rewritten and the passion for growing will always be there so nothing was lost my friends. Let's keep on growing and move on.


----------



## racerboy71 (Mar 16, 2012)

ganjames said:


> admin pretty much just created time travel... we just went back in time.
> 
> this is some nobel prize type shit.


 lol, yah, all of the plants in my grow journal have some how unsmoked themselves and are back from the dead and are growing again.. amazing trick..


----------



## NLXSK1 (Mar 16, 2012)

deprave said:


> This is my reply to that post, do you know where you are?


They were pretty clear about the double edged sword between data security and backups.

You seemed to completely ignore all that and offer up technical expertise they already have. 

So I assumed you were smarter than that and actually missed reading the post. However, I might have been mistaken.


----------



## deprave (Mar 16, 2012)

NLXSK1 said:


> They were pretty clear about the double edged sword between data security and backups.
> 
> You seemed to completely ignore all that and offer up technical expertise they already have.
> 
> So I assumed you were smarter than that and actually missed reading the post. However, I might have been mistaken.


oh I read it....sorry this is not an excuse at all...the guy in charge of the backups is obviously incompetent. This is what I do for a living, sorry you don't understand that.


----------



## ganjames (Mar 16, 2012)

racerboy71 said:


> lol, yah, all of the plants in my grow journal have some how unsmoked themselves and are back from the dead and are growing again.. amazing trick..


i wish i could like this. unfortunately likes were lost during the time travel.

small price to pay.


----------



## MISSPHOEBE (Mar 16, 2012)

... why is everyone so huffy puffy? 
s´like you all woke up in 2012 and thought it was the end-of-the-world or something..............
LOL


----------



## racerboy71 (Mar 16, 2012)

ganjames said:


> i wish i could like this. unfortunately likes were lost during the time travel.
> 
> small price to pay.


 i'm sure they will be back in due time.. i'd think admin has their hands full atm with more important matters and in a few days or so the site will be back to normal, minus the lost data from the sound of it..


----------



## brotherjericho (Mar 16, 2012)

What, you mean I have to start over AND not have access to the earth-shattering, mind-blowing, one-of-a-kind "Connor Pot Charles Cannabis Growing Method"? I was so close to seeing my plants grow 5" per day! Damn you all, damn you all to hell!


----------



## ganjames (Mar 16, 2012)

racerboy71 said:


> i'm sure they will be back in due time.. i'd think admin has their hands full atm with more important matters and in a few days or so the site will be back to normal, minus the lost data from the sound of it..


i just went into to the room i finished a few weeks back.
it's back to the way it was... pre-mudding, pre-sanding, pre-priming, pre-painting.


fuck my life.


----------



## racerboy71 (Mar 16, 2012)

ganjames said:


> i just went into to the room i finished a few weeks back.
> it's back to the way it was... pre-mudding, pre-sanding, pre-priming, pre-painting.
> 
> 
> fuck my life.


 well, what are you doing here than ganjames?? sounds like you've got some work in front of you... chop chop.. lol..


----------



## dankerous (Mar 16, 2012)

Damn as I have only been on here less than a month I have lost all my pics/post/rep and every thing :/,still all replaceable,still


----------



## hornedfrog2000 (Mar 16, 2012)

http://www.atlava.com/forum/rumble-fighter/26657-what-e-mail-atlava.html

http://www.techarena.it/forum/free/26-pensieri-liberta-666.html


----------



## hydgrow (Mar 16, 2012)

Some of the post in here a funy as shit!

The ip thing dude just made some shit up and started posting it LMFAO!


----------



## edsthreads (Mar 16, 2012)

NLXSK1 said:


> Did anyone else get a hacked e-mail from this site?


yep, I got one saying it was from rollitup admin asking to support some demo in USA & London.. now all my posts & journals are gone


----------



## NoGutsGrower (Mar 16, 2012)

racerboy71 said:


> wtf is the big deal really?? ffs, even sony got hacked.. shit happens, it's the interwebs, lots of bored fuckers looking to fuck shit up.. no biggy imo, move on..
> so we lost a month of info, could have been a lot worse imo..


I only lost one that's right 1 post! I've posted more today after it came back on than I have in the past two months. I said I hope it doesn't make the site RIP, Obviously I'm still here posting...


----------



## pharmacoping (Mar 16, 2012)

Up until February I was an asshole troll, so this worked out well for me !

hi, my name is pharmacoping, and I do my work high.

peace


----------



## Not A Game (Mar 16, 2012)

If you have the URL for your thread just search it in google and there will be a cached version of it.
Pics are lost but the text is fully intact from before the site went down.

For example, my grow journal that is now gone from the site but remains in google cache:
http://webcache.googleusercontent.com/search?q=cache:AjWGTqEcv-cJ:www.rollitup.org/grow-journals/516685-second-grow-ever-nirvana-ak48.html+&cd=1&hl=en&ct=clnk&gl=us


----------



## SketchyGrower (Mar 16, 2012)

racerboy71 said:


> omfg, someone with half a brain chimes in.. thank you...


Sketchy Likes this post


----------



## tet1953 (Mar 16, 2012)

Oh no! All those insights from the Super Tuesday thread! So sad...

lol


----------



## stelthy (Mar 16, 2012)

[video=youtube_share;5RyWjomujww]http://youtu.be/5RyWjomujww[/video]

* I'am pissed off! So much of my work, time, effort and pics etc have vanished or changed for the worse. Whilst I under-stand its not directly RIU's fault (although if the site was kept up-to date ~ it'd've be less likely to be hacked) .. However I am on the fence as to whether to stay, or pack my bags thank-you for my great times here and sadly walk away  ?! 

I do have some questions though... will the hackers be hunted down? Are there any more site modifications in the pipe-line any-time soon ie/ skins, layout, adding/removing features and the random 'now when you upload pics they come out as thumbnails instead of full size pics' ??? 

I really dont want to leave but feel raped of alot of my hard work  - STELTHY


----------



## blimey (Mar 16, 2012)

It went down for me after shortly after I went into a thread about anonymous and 11/5 and nazi banksters. Then I started getting redirected to a youtube video about the nazi banksters when I clicked any links in riu. Kinda interesting video actually. Seems like anonymous is trying to spread information to the open minded people of society although I don't agree with their methods.


----------



## Rj41 (Mar 16, 2012)

racerboy71 said:


> omg, oh no, some random person has some made up email addy that i used to register to this site with.... ahhhhh, run for my life, lock the doors, lock the windows... put the plants in the trash compactor...do it now...


LOLOLOLOL!!!!!!! ** LIKE!! **

Not smoking enough cannabis makes people paranoid.


----------



## blimey (Mar 16, 2012)

Who goes back and reads old posts anyways? I do want the like system back asap though.


----------



## Banditt (Mar 16, 2012)

AWnox said:


> No worries RIU, I have a vb site as well and DDoS attacks are the norm it seems. One time I had to restore a backup that was 6 months old; you can imagine the outrage by the members. I feel your pain guys, don't worry about it though, words can be rewritten and the passion for growing will always be there so nothing was lost my friends. Let's keep on growing and move on.



This wasn't a ddos attack. ddos = denial of service. It's done by hitting the site with thousands of requests simultaneously. This was an exploit attack, nobody was denied service, the attackers just modified a bunch of shit.


----------



## stelthy (Mar 16, 2012)

blimey said:


> Who goes back and reads old posts anyways? I do want the like system back asap though.


(LIKE)  Yeah me too.. I'am still pissed though as I keep everything date organised    - STELTHY


----------



## MISSPHOEBE (Mar 16, 2012)

brotherjericho said:


> What, you mean I have to start over AND not have access to the earth-shattering, mind-blowing, one-of-a-kind "Connor Pot Charles Cannabis Growing Method"? I was so close to seeing my plants grow 5" per day! Damn you all, damn you all to hell!



ohshit did that REALLY get lost? oooooooooooooooooooooooooohhhhhhhhh noooooooooooooooooooooo
it really is 2012
and it really is the end of the worldddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
everyone assume the position!!!!!!!!!!!!!!!!!!!!!!!


----------



## NLXSK1 (Mar 16, 2012)

stelthy said:


> (LIKE)  Yeah me too.. I'am still pissed though as I keep everything date organised    - STELTHY


It was the guys from 9/11 fucking with your life because you are too close to the truth


----------



## Rj41 (Mar 16, 2012)

Hmmm, *MURPHY's *law perhaps?


----------



## blimey (Mar 16, 2012)

NLXSK1 said:


> It was the guys from 9/11 fucking with your life because you are too close to the truth


 I don't think it was the feds.


----------



## stelthy (Mar 16, 2012)

NLXSK1 said:


> It was the guys from 9/11 fucking with your life because you are too close to the truth


(Like) lol  yeah that crossed my mind LOL  .... I doubt it though lol,  - STELTHY


----------



## Thedillestpickle (Mar 16, 2012)

Hahaha -Anonymous hacked all our shit! funny shit

At least it was Anonymous.... they would be the last ones to care that we're growing


----------



## Thedillestpickle (Mar 16, 2012)

stelthy said:


> (Like) lol  yeah that crossed my mind LOL  .... I doubt it though lol,  - STELTHY


Yea I know what your saying stelthy. My grow thread had alot of notes I made to hold on to and keep track of how I do things and how it works out and whatnot. 

Only one month gone though... That's not too too bad


----------



## mysunnyboy (Mar 16, 2012)

i don't like the instability that's been going on lately. don't care about losing posts, pictures, whatever. i am however amazed at the number of times riu is "offline" for one reason or another. i do feel somewhat compromised. tell me to not let the virtual door hit me in the ass on the way out if you want but i for one am seriously considering jumping off the unstable boat


----------



## blimey (Mar 16, 2012)

I guess I can kinda understand that scenario. Although, I keep everything I want saved in an excel file on my external hdd...


----------



## 209 Cali closet grower (Mar 16, 2012)

wow, this just bites!


----------



## 209 Cali closet grower (Mar 16, 2012)

I lost my whole thread


----------



## mugan (Mar 16, 2012)

admin said:


> Dear Rollitup Users,
> 
> We at rollitup would like to extend our sincerest apologies for the recent downtime you have received. An SQL injection attack hit our server early in the morning causing alot of our posts to be overwritten and the site was then redirected. As a result the complete backup that we have is from 20-2-2012 and this is what we had to restore from. We were able to however reimport all the users that have registered in the past month back into the system. But I regret to inform you that the post and threads are not recoverable.
> 
> ...


ok thing is i love the Riu community , but i hate shit that don't add up , so am just gonna ask an innocent Que . your site is run by vB and if some one can Sql inject you they deff can do it to almost any other Vb site right? , and me being the internet addict i am . am on a lot of Vb sites. none of them have been attacked or are experiencing any kind of problems. this means this was all directed at you. so should i be worried , i don't care why , a simple yes or no .


----------



## mugan (Mar 16, 2012)

sorry cali , Btw i almost did . and i don't keep a plant log cuz i am on the forums , i know how much it sux. you can try it adoin with the clones you had going


----------



## blimey (Mar 16, 2012)

mysunnyboy said:


> i don't like the instability that's been going on lately. don't care about losing posts, pictures, whatever. i am however amazed at the number of times riu is "offline" for one reason or another. i do feel somewhat compromised. tell me to not let the virtual door hit me in the ass on the way out if you want but i for one am seriously considering jumping off the unstable boat


That's exactly how I feel, I thought about jumping ship with the other riu refugees and even created an account (in part just to reserve my name), but I didn't like the layout and they had too many sub forums, so here I am.


----------



## weed.senior (Mar 16, 2012)

Guys I suggest using Google cache to recover some of your data ( especially text ). I do the same for my thread today. Any questions just PM me. Cheers!


----------



## blimey (Mar 16, 2012)

I was thinking the same thing Mugan. There's nothing I can find on the net about a recent v bulletin attack. Although, apparently there are how-tos on youtube for hacking v bulletin. I don't know how real they are v bulletin seems kinda week if they have any relevance.


----------



## Hemlock (Mar 16, 2012)

tonyeltigre said:


> I dont see a purpose in hacking/attacking this site... Unless your trying to bust people.... fucking creepy



Could have been just a diversion to obtain info on people on Rollitup. Military does this shit all the time.
I must admit that all this shit with FDD, Kevin, this might be the time to head for the exits.


----------



## phishtank (Mar 16, 2012)

The problem is that anon. didnt get their point across i'm sure. And yeah it sucks that we lost alot of great information...all of the questions I had asked about my new grow setup are gone but text can be re-written. What we should be talking about is how to start a movement against "the man". You would think that maybe they would target communities like ours because we obviously already see past some of the feds BS laws. If you rallied up every person that smoked pot..for medical and for recreation...do you honestly think a government could stop millions of people? They wouldn't have enough jail space for us.


----------



## DoobiusSpliffus (Mar 16, 2012)

I don't see the point,

but the thing with SQLI attacks is that they're too easy.

Seriously, I'm not condoning it, and I haven't DONE it, but I have educated myself and found out HOW to hack into websites, and it is far too easy it's scary.

What's also bad is how easy it is to access the information related to learning how to hack into websites,

any here's hoping for a full recovery  

I was slightly affected by the security breach as I was asking for help and advice and having a few people get back to me and they were pretty helpful, I just know there were unread posts on my threads but I did take on board everything I managed to read.


----------



## phishtank (Mar 16, 2012)

And if you google the url name that it was re-directing you to...you could see it happened to other people.


----------



## k0ijn (Mar 16, 2012)

mugan said:


> ok thing is i love the Riu community , but i hate shit that don't add up , so am just gonna ask an innocent Que . your site is run by vB and if some one can Sql inject you they deff can do it to almost any other Vb site right? , and me being the internet addict i am . am on a lot of Vb sites. none of them have been attacked or are experiencing any kind of problems. this means this was all directed at you. so should i be worried , i don't care why , a simple yes or no .



Other sites were affect as well.
It was not a personal attack against RIU.
To answer your question, no you should not be worried at all.

The loss of data is irritating of course, but if people have saved their pictures they can at least reup them.


----------



## Rj41 (Mar 16, 2012)

Is any of the lost data _really_ important? I think not.


----------



## canefan (Mar 16, 2012)

This isn't as bad as it was in Sept of 2009 when many including my account was lost along with all of my old grow journals. Such is life. 
To Admin, thanks for keeping all of us in the loop this time around. You still have the best growing forum on the net and after 5 years here, it is just another little bump in the road.


----------



## mugan (Mar 16, 2012)

which cuz i d k any?


----------



## Hemlock (Mar 16, 2012)

mugan said:


> ok thing is i love the Riu community , but i hate shit that don't add up , so am just gonna ask an innocent Que . your site is run by vB and if some one can Sql inject you they deff can do it to almost any other Vb site right? , and me being the internet addict i am . am on a lot of Vb sites. none of them have been attacked or are experiencing any kind of problems. this means this was all directed at you. so should i be worried , i don't care why , a simple yes or no .



IMO YES you should


----------



## mugan (Mar 16, 2012)

Rj41 said:


> Is any of the lost data _really_ important? I think not.


then what are we all doing here then


----------



## Rj41 (Mar 16, 2012)

mugan said:


> then what are we all doing here then


Over reacting.


----------



## phishtank (Mar 16, 2012)

Do you REALLY think law enforcement is going to take down an entire website to get information and use it to take down a bunch of small time growers with a few plants in their closet? I don't think you have anything to worry about...if smoking makes you that paranoid it's time to set down the bong my friend.


----------



## stelthy (Mar 16, 2012)

209 Cali closet grower said:


> I lost my whole thread


Yeah it suck the big one... I lost my last 5 UPDATES on my thread I work hardest on  ULTRA PISSED OFF doesn't even come close  - STELTHY


----------



## mugan (Mar 16, 2012)

also can i get a reply from an account thats not 5 years old with less that 2 k post count , (no offense my post count is the same ) but i know what that can mean so ...


----------



## stelthy (Mar 16, 2012)

Originally Posted by mysunnyboy 
i don't like the instability that's been going on lately. don't care about losing posts, pictures, whatever. i am however amazed at the number of times riu is "offline" for one reason or another. i do feel somewhat compromised. tell me to not let the virtual door hit me in the ass on the way out if you want but i for one am seriously considering jumping off the unstable boat 



blimey said:


> That's exactly how I feel, I thought about jumping ship with the other riu refugees and even created an account (in part just to reserve my name), but I didn't like the layout and they had too many sub forums, so here I am.


Me too...thats how I feel.. infact ever since the commotion with *FDD (Which I don't want to talk about or hear anyone else talk about !!) I've been getting cold feet about RIU and have been contemplating jumping off this ship too.. I'am pissed I lost so much info  and still feel unsettled with the amount of security that surrounds our family here. If I do go I dont know where I'll be headed nor when.. I kinda wanted to finish my thread before I leave though. .. I've looked into other 'homes' but like you I didnt like the lay-out etc of the other forums and the fact you can log in and 'like' paired with 'FaceBook' a risky thing if ever I saw one! and so I'am still here..on the edge of the fence - STELTHY


----------



## NLXSK1 (Mar 16, 2012)

stelthy said:


> Originally Posted by mysunnyboy
> i don't like the instability that's been going on lately. don't care about losing posts, pictures, whatever. i am however amazed at the number of times riu is "offline" for one reason or another. i do feel somewhat compromised. tell me to not let the virtual door hit me in the ass on the way out if you want but i for one am seriously considering jumping off the unstable boat


Yes because we all know that your complaining will make things so much better...

Suck it up and move on.

And keep a backup of your journal FFS


----------



## Hemlock (Mar 16, 2012)

phishtank said:


> Do you REALLY think law enforcement is going to take down an entire website to get information and use it to take down a bunch of small time growers with a few plants in their closet? I don't think you have anything to worry about...if smoking makes you that paranoid it's time to set down the bong my friend.



you sure that everyone on here is small time... FDD got busted with some weight. I've seen some pretty big rooms/warehouses on here.
Just cause you are small time doesn't mean everyone else is.


----------



## mugan (Mar 16, 2012)

phishtank said:


> Do you REALLY think law enforcement is going to take down an entire website to get information and use it to take down a bunch of small time growers with a few plants in their closet? I don't think you have anything to worry about...if smoking makes you that paranoid it's time to set down the bong my friend.



am .. not worried about law enforcement , . if the kind of info they would need they can get just with an account, and ive been sober all through my current grow .


----------



## chb444220 (Mar 16, 2012)

mugan said:


> then what are we all doing here then


posting NEW data. people return to see NEW stuff. not old stuff. =) i always keep pics saved in seperate folders and saved on a Jump Drive. just soo i have pics of each crop from start to finish. just for backup or for breeding purposes. it sucks but wat can ya do ya kno?


----------



## k0ijn (Mar 16, 2012)

mugan said:


> also can i get a reply from an account thats not 5 years old with less that 2 k post count , (no offense my post count is the same ) but i know what that can mean so ...



I already replied to your questions.

I'm a Moderator on this forum.


All I can say is that this happened to other sites as well, many sites in fact. It was not a personal attack against RIU.
There is no reason to be nervous regarding the safety of your information.


This kind of tragic thing happens sometimes, just like it can happen to multinational companies, it can happen to the best forums


----------



## Hemlock (Mar 16, 2012)

k0ijn said:


> I already replied to your questions.
> 
> I'm a Moderator on this forum.
> 
> ...


That sounds good huh.
Don't know that I believe that.
and is it nessary to announce your a mod. Do you think I think you know more than I do because of your mod status. Come On now.


----------



## roofwayne (Mar 16, 2012)

Oh well, most thing are lost, but it can be put back. If you people have something to hide putting it on-line just isn't smart. I don't so that why I joined. I hope the best for everyone and this place....rw They didn't hack this


----------



## mugan (Mar 16, 2012)

> I already replied to your questions.
> 
> I'm a Moderator on this forum.
> 
> ...


right , ok thx .


----------



## phishtank (Mar 16, 2012)

Listen untill people stop hosting databases for sites like this in mysql form on the internet...this will continue to happen. People will continue to find exploits. Actually no matter how you store information...unless its offline and not webfacing...someone will always find a way to get in and access it.


----------



## k0ijn (Mar 16, 2012)

Hemlock said:


> That sounds good huh.
> Don't know that I believe that.
> and is it nessary to announce your a mod. Do you think I think you know more than I do because of your mos status. Come On now.



Well as far as we can tell, the hack changed the links to divert traffic, there was real no data mining nor any theft of data.
The other sites experienced the same issues and it points towards some scriptie who wanted to make a bit of money by diverting heavy traffic forums to a site which he controlled.

In other words, we were 'chosen' because of the amount of traffic and type of forum (vB).


The only reason I mentioned that I'm a Mod was to try and calm people down a bit, and the person I was talking to was looking for some answers so I thought he might take them more serious if he knew I was a Mod.
It was not to polish my crown at all, I'm just trying to help out.







phishtank said:


> Listen untill people stop hosting databases for sites like this in mysql form on the internet...this will continue to happen. People will continue to find exploits. Actually no matter how you store information...unless its offline and not webfacing...someone will always find a way to get in and access it.



Excellent point.


----------



## 420God (Mar 16, 2012)

k0ijn said:


> I already replied to your questions.
> 
> I'm a Moderator on this forum.
> 
> ...


Can you name any of the other sites that were hit, because I haven't heard of any yet.


----------



## GunRunner (Mar 16, 2012)

All water under the bridge now........lets just focus and recouping the loses and making sure it doesn't happen again


----------



## tryingtogrow89 (Mar 16, 2012)

Hemlock said:


> Could have been just a diversion to obtain info on people on Rollitup. Military does this shit all the time.
> I must admit that all this shit with FDD, Kevin, this might be the time to head for the exits.


What? Did i miss something wtf happened to fdd?


----------



## k0ijn (Mar 16, 2012)

420God said:


> Can you name any of the other sites that were hit, because I haven't heard of any yet.



If you google the name of the site that we were redirected to you can see how many sites were affected.
People all over the world are raving over it.


----------



## blimey (Mar 16, 2012)

tryingtogrow89 said:


> What? Did i miss something wtf happened to fdd?


Yea, you missed a big something.


----------



## phishtank (Mar 16, 2012)

If someone will supply me with the website that we were being redirected to...I can show you all of the other sites that got hacked. I was reading forum posts of people complaining about the hack on other sites...and ways to access your website after it had been hacked and what to change to fix the problem and keep it from happening again. I've also seen a post on another forum that shows what i believe to be the actual exploit itself.


----------



## phishtank (Mar 16, 2012)

If you're growing in a state that isnt legal...and you arent using tor to browse this site and making sure that all pictures you post dont have any location info stripped from them....then you shouldn't be posting on here anyways if you have something to lose. If you'd like I can start a thread on how to browse the internet using tor, noscript and other tools to make sure that any identifying information is safe.


----------



## k0ijn (Mar 16, 2012)

phishtank said:


> If someone will supply me with the website that we were being redirected to...I can show you all of the other sites that got hacked. I was reading forum posts of people complaining about the hack on other sites...and ways to access your website after it had been hacked and what to change to fix the problem and keep it from happening again. I've also seen a post on another forum that shows what i believe to be the actual exploit itself.


jforjustice.co.uk/banksters




Hemlock said:


> Well IMO its not safe so I'll be on me way. I got to much to loose to be fukin about on some internet site. Best of luck all


You are blowing it out of proportion, it's your right to do what you want, but don't spread dumb information and try to scare people.
It was not the military... Nor was it because of any drug bust.


----------



## blimey (Mar 16, 2012)

I'm thinking about starting a new account and not uploading pics and post absolutely no personal data (not that I really do now but I have uploaded pics).


----------



## xRenox (Mar 16, 2012)

Tough break, I lost about 65 posts.....and cant even roll a joint now.


----------



## phishtank (Mar 16, 2012)

Also just to touch base on something else...if you are growing enough to be prosecuted in a federal court....you shouldn't be posting any information on any website....because by posting pictures of your 100's of plants and 40K watt industrial grows...you are pretty much taunting the feds to find you. And just becase you browse the internet using tor doesnt mean your safe....they have ip traps that use java and other scripts that will show who you are if you dont have ALL scripts disabled.


----------



## chb444220 (Mar 16, 2012)

We just gotta keep a move on.. people are fuckin assholes. adn have nothing better to do than to hack websites and fuck shit up for no reason at all... 

im not too worried.... as long as ur not giving out important info (address... full names.. etc..) or posting pics that have things in the backround that could bring unwanted attention to you or your grow (pictures... pay stubs... newpaper articles with your town/city/state/ mail... etc) .. youve got nothing to worry about. 

and yeaa RIU does sumtimes shut down for small periods of time. but this is a big website with alot a traffic.. and they need to do important updates to help make the website better... and upgrade software and make it safe/safer for us. i think they do a pretty good job. ive been to a few other sites... such as grasscity and icmag... and (no disrespect to them) theres a reason why i always come back to RIU.. the people on here are great and very friendly... its one of the most up-to-date systems running at the moment. _*(*_although i do have 1 complaint/suggestion.._* PLEASEE.... WHEN I UPLOAD 10-20+ PICS.....PLEASE CREATE A WAY SO THAT I CAN SELECT ALL OF THEM AND MAKE THEM FULL SIZE ALL AT ONCE INSTEAD OF HAVING TO SELECT EACH PICTURE INDIVIDUALLY AND DOUBLE CLICK IT. CLICK FULL SIZE. AND OK. THEN MOVE ON TO THE NEXT PIC. IT WOULD MAKE ME AND PLENTY OF OTHER PEOPLE VERY HAPPY!! AND WOULD SAVE ME LOTS OF TIME! SOMETIMES I UPLOAD A TOTAL 50-75 PICS EVERY TIME I UPDATE... AND IT BECOMES SUCH A LONG/TEDIOUS/TIME CONSUMING PROCESS. THANK YOU =D )*_

RIU is *The Best* forum site at the moment. and i will continue to stay on here and continue to post pictures of my beautiful plants on here until it gets shut down... jsut be careful and wary of what you post as far as pics and info etc.. and you will be able to enjoy using this great site and have nothing to worry about.... keep up the great work RIU. you have MANY MANY loyal people here. me being one of them... thanks for such a quick response and keeping us all up to date. you should put a link to this thread on the homepage so that other people can see this.


----------



## phishtank (Mar 16, 2012)

and proof we arent the only ones...heres a post on the vbulletin forums about it happening elsewhere. 

https://www.vbulletin.com/forum/showthread.php/397949-jforjustice-co-uk-banksters-Hacked

NYC transit forums hacked

http://www.subchat.com/readflat.asp?Id=1144590&p=2#1144814


another forum from like a week ago this happened to

http://forum.gsmhosting.com/vbb/archive/t-1441060.html


The fact that this has been happening for a few days shows that vB needs to step there game up with security updates. The first time this happened they should have been providing forum security updates to all of its customers. Not say that they didn't...but considering our website got hacked days after this started...and HOPING that the staff of rollitup did an update if anything was available (seems as much as the site goes down they update alot) i doubt vB caught on quick enough.


----------



## chb444220 (Mar 16, 2012)

xRenox said:


> Tough break, I lost about 65 posts.....and cant even roll a joint now.


lmao. soon you be teaching others how to roll a joint. =p lol. reading that made me laugh... (out loud) =0 lol


----------



## mugan (Mar 16, 2012)

listen, to the mods of riu , i hope you have watched iron man (the original of course ) when tony first takes the suit out to gomera and kills the10 rings . on his way back he is intercepted by f22s, and one goes down. after his friend figures out it was him he asks what to tell the press. and eventually he tells them it was a test flight gone wrong, governments do it to there people , parents do it to there kids, i just hate that Riu is doing it too .  ehh . al shut up now .


----------



## growone (Mar 16, 2012)

well, this is the worst malfunction that's hit RIU since i joined
but the older than 1 month stuff seems to be intact, could be worse
and law enforcement worries are just paranoid, LEO does not destroy incriminating evidence


----------



## richinweed (Mar 16, 2012)

Who got the data????????????????????


----------



## phishtank (Mar 16, 2012)

What is rollitup lying about? The forum software they use has been known to have security issues....just like EVERY OTHER forum software you can buy. Everything on the internet with a database uses some form of mysql...so its not the owners of rollitup's fault. If it had ONLY happened to us...then yeah that would be a bit weird....but many forums that were vulnerable and have NOTHING to do with growing pot were also hit. No one specifially targeted us for any reason other then the forum software we use and the fact that we have good traffic and probably rank very well within google. We were easy to find...so we were hacked. I'm in NO way affiliated with RIU by the way...i just sit in front of the computer for 12 hours a day and read alot.


----------



## chb444220 (Mar 16, 2012)

richinweed said:


> Who got the data????????????????????



I HAVE THE DATA!   Heeeheeeheee


----------



## stelthy (Mar 16, 2012)

chb444220 said:


> We just gotta keep a move on.. people are fuckin assholes. adn have nothing better to do than to hack websites and fuck shit up for no reason at all...
> 
> im not too worried.... as long as ur not giving out important info (address... full names.. etc..) or posting pics that have things in the backround that could bring unwanted attention to you or your grow (pictures... pay stubs... newpaper articles with your town/city/state/ mail... etc) .. youve got nothing to worry about.
> 
> ...


I agree whole heartedly with everything you've just said. I am of course unsettled atm, but hopefully this site will be stronger since it hasn't been killed yet?!! - STELTHY


----------



## Hemlock (Mar 16, 2012)

k0ijn said:


> jforjustice.co.uk/banksters
> 
> 
> 
> ...


I'm presenting another point of view that you don't seem to agree with. Not tryin to spread anything.
But in all reality you have no idea what info they may or may not have taken and saying otherwise is BS.


----------



## Johnnyorganic (Mar 16, 2012)

Disaster recovery is tedious and time consuming. 

Backing up data is likewise tedious and time consuming.

The site responded to the attack as soon as possible.

Some data was lost. Shit happens.

Anyone lashing out at RIU for this attack should consider how much of their own money they spend to support this site and then *shut the fuck up*.

You want to blame someone? Blame the hacker.

The loser in a dirty bathrobe, in his mom's basement. Picture a *V For Vendetta* movie poster on the wall and a *Star Wars* action figure collection.

These unemployable clowns imagine themselves as heroes. In reality, they are rat bastards of the higest order.


----------



## Hemlock (Mar 16, 2012)

Johnnyorganic said:


> Disaster recovery is tedious and time consuming.
> 
> Backing up data is likewise tedious and time consuming.
> 
> ...


You talkin to me


----------



## k0ijn (Mar 16, 2012)

Johnnyorganic said:


> Disaster recovery is tedious and time consuming.
> 
> Backing up data is likewise tedious and time consuming.
> 
> ...



Thank you.


----------



## mugan (Mar 16, 2012)

> Anyone lashing out at RIU for this attack should consider how much of their own money they spend to support this site and then *shut the fuck up*


well i was going to but you kno you guys are endorsed , don't pull that shit , man and i just had calmed down


----------



## Johnnyorganic (Mar 16, 2012)

mugan said:


> well i was going to but you kno you guys are endorsed , don't pull that shit , man and i just had calmed down


Then direct your hissy fit at the hacker.

RIU is the victim here.


----------



## mugan (Mar 16, 2012)

> Then direct your hissy fit at the hacker.
> 
> RIU is the victim here.


hissy fit huh. ... ok then but good thing is, from your response i get the answer i wanted. so i guess i should be thanking not hissy fitting .


----------



## onlybuilt4 (Mar 16, 2012)

I'm a bit confused. Are you guys running a cracked version of vB or what? In my 10+ years of administrating and posting on vb forums I have seen a small handful of successful "hacks," this software is pretty airtight for somebody pushing a religious website that looks like it was made on geocities in 1996....just saying...

are we safe here? Is our data safe?


----------



## BA142 (Mar 16, 2012)

Can't know for sure. But if I wasn't legal in my state I wouldn't be posting here anyways lol


----------



## newwb (Mar 16, 2012)

so others have all our data now..nice reason to STOP journaling.


----------



## newwb (Mar 16, 2012)

my avatar even reverted to my old one..hmmm


----------



## Rj41 (Mar 16, 2012)

It's a _conspiracy_, I'll tell ya! OH NO!!! Everybody's out to get us!!


----------



## wascaptain (Mar 16, 2012)

phishtank said:


> If you're growing in a state that isnt legal...and you arent using tor to browse this site and making sure that all pictures you post dont have any location info stripped from them....then you shouldn't be posting on here anyways if you have something to lose. If you'd like I can start a thread on how to browse the internet using tor, noscript and other tools to make sure that any identifying information is safe.


i you do sir, inform me please.

i am a small time, but in ths nazi state, the fuzz make room for a pot head.... even they have to let a rapist out to make room.


----------



## Johnnyorganic (Mar 16, 2012)

mugan said:


> hissy fit huh. ... ok then but good thing is, from your response i get the answer i wanted. so i guess i should be thanking not hissy fitting .


I'm not exactly certain what answer you wanted.

But if your data was that valuable to you, you would have your *own* back-ups of it.

And your precious content would be restored already.

And if you are implying that you are grateful to the hacker, the *actual* guilty party, then that's all we need to know about *you*.


----------



## unohu69 (Mar 16, 2012)

luckily most of my recent posts have been to answer questions that inevitably will be asked again. lost some rep comments, and recently posted pics. some wall comments are gone. Feds dont care about RIU, we are all legal anyway, right? 

I was more bummed that RIU was down. How big is RIU, i mean how much space would a complete mirror actually take up? jus curious.


good to see every one back tho.


----------



## mugan (Mar 16, 2012)

you guys plz stop its embarrassing .


----------



## onlybuilt4 (Mar 16, 2012)

unohu69 said:


> luckily most of my recent posts have been to answer questions that inevitably will be asked again. lost some rep comments, and recently posted pics. some wall comments are gone. *Feds dont care about RIU, we are all legal anyway, right? *
> 
> I was more bummed that RIU was down. How big is RIU, i mean how much space would a complete mirror actually take up? jus curious.
> 
> ...


uh...no...we're not. and even if we were state legal for MMJ, the Feds don't give a shit either way -- it's still illegal and it's still a federal offense to grow any amount of herb...


----------



## phishtank (Mar 16, 2012)

No this copy of vB isnt hacked. As stated before...an exploit was found in the software...and it was used to redirect the site and change links. The only reason why everything reverted back is because they loaded the backup from 2/20. It happened to MULTIPLE WEBSITES. IT WAS NOT AN ATTACK AGAINST RIU. WE JUST SO HAPPENED TO BE ONE OF THE UNLUCKY WEBSITES THAT GOT EXPLOITED. If it was anon...they didnt take any of your information. The only thing that might have been taken was e-mail addresses. You have nothing to worry about. This was not the police or anyone else. Just some hackers trying to start a movement and get information to the masses. Stop being fucking paranoid.

And my first peice of advice for everyone from now on. Go download the tor button for firefox. Go download noscript for firefox. Make sure you either have the geolocation feature turned off on your phone if you use it for pictures or find a program to strip all information from pictures. Do not upload them to a website like photobucket. for now on use tor to create accounts on forums...dont put your real bday. Browse forums with tor...make sure ALL SCRIPTS ARE DISABLED with noscript...and you should be fine.


----------



## phishtank (Mar 16, 2012)

onlybuilt4 said:


> uh...no...we're not. and even if we were state legal for MMJ, the Feds don't give a shit either way -- it's still illegal and it's still a federal offense to grow any amount of herb...


Learn the laws...you have to go over a certain amount before it become federal jursidiction...unless you cross state lines or you are part of some drug ring or cartel. If harborside can make a TV show...and not be shut down yet...then the feds aren't going to come kick down your door for 12 pot plants. It costs alot of money to hunt you down, kick your door in and put you through trial.

If you're growing 200 plants though...and you are dumb enough to post that shit on the internet and not hide yourself...you are an idiot....and you're asking to be raided.


----------



## really comfy slippers (Mar 16, 2012)

phishtank said:


> If anonymous was the one that did it...the last thing they would want is all of your personal information....nor would they give it to anyone. Their whole goal is to get out and spread their message. They might have snagged e-mails and spammed out a bunch of emails to you guys....but have you yet to see in the news that these huge companies being hacked have actually had vulnerable information that could have been obtained actually used in a negative way? Way to paranoid....if anything you should be on their side. Fck the government...Fck large corporation...Fck exploiting the average working man for profits.


Yeah makes sense... guess I am abit paranoid, but it's abit unnerving that this is happening. But you're right.


----------



## k0ijn (Mar 16, 2012)

It was a REDIRECT hack. No data was compromised.

None of your data was taken, it was overwritten by a redirect sql hack.


Stop being paranoid.


----------



## 420God (Mar 16, 2012)

k0ijn said:


> Stop being paranoid.


When you stop being paranoid doing what we do that's when you get your door kicked in.


----------



## k0ijn (Mar 16, 2012)

420God said:


> When you stop being paranoid doing what we do that's when you get your door kicked in.



You know that I ment: "Stop being paranoid in this particular situation."

I repeat, it was a REDIRECT HACK.
That means no data was stolen, no IPs or personal info was taken.
It was a basic hack and it happened to a lot of forums.

Now calm down and smoke some weed


----------



## 420God (Mar 16, 2012)

k0ijn said:


> Now calm down and smoke some weed


I'm always calm.


----------



## d4n (Mar 16, 2012)

ImAgIaNtInDaGrOwWoRlD said:


> *So all our I.P addresses are now open to the public???????!!!!!
> 
> *


Are you dumb enough to use this site without a proxy?


----------



## weed.senior (Mar 16, 2012)

Guys I noticed that some infos is still with your server ( like pictures, threads titles ). When you worked on restoring the forum I noticed pics are up on each post. 
Just delete that link which appeared in each post and make the pics available. Is this an option ?
Cheers!


----------



## unohu69 (Mar 16, 2012)

hahah yeah a proxy will save you. im not sure how many of you buy into that shit, but yeah yo go ahead and use your proxy. happy slow ass web browsing.


----------



## onlybuilt4 (Mar 16, 2012)

phishtank said:


> Learn the laws...you have to go over a certain amount before it become federal jursidiction...unless you cross state lines or you are part of some drug ring or cartel. If harborside can make a TV show...and not be shut down yet...then the feds aren't going to come kick down your door for 12 pot plants. It costs alot of money to hunt you down, kick your door in and put you through trial.
> 
> If you're growing 200 plants though...and you are dumb enough to post that shit on the internet and not hide yourself...you are an idiot....and you're asking to be raided.


The decision to prosecute on a federal level for cannabis manufacturing is a discretionary one, no longer mandatory under sentencing guidelines...but you are confusing your facts. Simply because the federal government chooses not to prosecute folks with a certain number of plants does NOT mean that their actions are not federally illegal. This isn't just semantics, use some objective logical reasoning here.


----------



## unohu69 (Mar 16, 2012)

I have never seen the feds fuck with anyone in this state with less than 100 plants. break that number and well, thats your risk. 

did anyone else see the memo about the feds only want to prosecute cases with a 10 yr sentence? anything else isnt worth their time.


----------



## axionjaxson (Mar 16, 2012)

admin said:


> Dear Rollitup Users,
> 
> We at rollitup would like to extend our sincerest apologies for the recent downtime you have received. An SQL injection attack hit our server early in the morning causing a lot of our posts to be overwritten and the site was then redirected. As a result the complete backup that we have is from 20-2-2012 and this is what we had to restore from. We were able to however re-import all the users that have registered in the past month back into the system. But I regret to inform you that the post and threads are not recoverable.
> 
> ...


 

it was done by advanced nutrients because of all the truth being talked about their terrible products and their abuse of the first time growers lack of experience.


----------



## Breezy mL (Mar 16, 2012)

Well dam...


----------



## Breezy mL (Mar 16, 2012)

Ima stranger again lol.


----------



## axionjaxson (Mar 16, 2012)

Breezy mL said:


> Ima stranger again lol.


i like this.


----------



## axionjaxson (Mar 16, 2012)

lol...adding my own like button.


----------



## nas2007 (Mar 16, 2012)

as long as its back up and running, that's what counts.!


----------



## UKE (Mar 16, 2012)

oddly enough i agree with the message of the hackers - the website that got redirected to. corporations and government are shit right now. too bad they have to hack to get their message out, kinda taints it i would think... fight corruption with illegal hacking? lol


----------



## dirtsurfr (Mar 16, 2012)

I didn't see anything in the news this morning. Guess it wasn't so bad.
The post whores are up in arms tho LOL!!


----------



## IC3M4L3 (Mar 16, 2012)

for a site this big having to roll back to a feb backup thats lam,

daily backups in smysql should be done regardless,hell i know much smaller sites that this that doo em propper regular,
apologieas are all fine but are tottally unecessary if the job had been done correcvlty in the fist instance,
harsh but true u need a better coding team,OR u need the site to be setup better i.e wen a p0ost,thread gets delted all the commenters dont loose ther posts,,,,,,,,,,,,,,again............doggies thread thing any bells?
anyways my 2 cents listen or not but eitherwat a feb backup is tottally messed up


----------



## calicatt79 (Mar 16, 2012)

I agree with you 100% IC3M, things need to change before they lose a lot users to this. When I saw that they had to backup from 02/20 I almost choked.....it only shows a "lack of something" crucial.


----------



## jigfresh (Mar 16, 2012)

k0ijn said:


> I repeat, it was a REDIRECT HACK.
> That means no data was stolen, no IPs or personal info was taken.
> It was a basic hack and it happened to a lot of forums.
> 
> Now calm down and smoke some weed


This is simply not true my friend. Many users received emails supporting the site we were being redirected to. Not PM's.... Emails to their private email accounts. So 'someone' out there had access to the email accounts associated with our RIU accounts.

I am not worried about it myself as I created a separate email for RIU. I am also in CA growing legally under CA laws. Yes, I realize it's not legal in the feds' eyes, but I'm not worried about anyone coming at me for my 2'x3' closet. I'm not paranoid, I'm not blaming RIU for anything, and I'm not going anywhere else. I'm not saying anything will ever come of some stupid hacker having email accounts other than spam. Just want to set the record strait a bit.

BUT.... to say this was ONLY a redirect hack is simply not true.


----------



## crazyhazey (Mar 16, 2012)

jigfresh said:


> This is simply not true my friend. Many users received emails supporting the site we were being redirected to. Not PM's.... Emails to their private email accounts. So 'someone' out there had access to the email accounts associated with our RIU accounts.
> 
> I am not worried about it myself as I created a separate email for RIU. I am also in CA growing legally under CA laws. I'm not worried about anyone coming at me for my 2'x3' closet. I'm not paranoid, I'm not blaming RIU for anything, and I'm not going anywhere else. I'm not saying anything will ever come of some stupid hacker having email accounts other than spam. Just want to set the record strait a bit.
> 
> BUT.... to say this was ONLY a redirect hack is simply not true.


i dont know shit about hacking but i lost 700 posts. oh well.


----------



## johnnybobonny (Mar 16, 2012)

That's poop! Oh well...C'est la vie


----------



## calicatt79 (Mar 16, 2012)

at least new users can see how to subscribe to a thread now...LOL!!! That's an upside to this whole thing...
I really miss my like button though. That's how I would let people know I was still there...when I was just too dang busy to post. I've already tried to use it like 200 times


----------



## CharlieBud (Mar 16, 2012)

jigfresh said:


> This is simply not true my friend. Many users received emails supporting the site we were being redirected to. Not PM's.... Emails to their private email accounts. So 'someone' out there had access to the email accounts associated with our RIU accounts.
> 
> I am not worried about it myself as I created a separate email for RIU. I am also in CA growing legally under CA laws. Yes, I realize it's not legal in the feds' eyes, but I'm not worried about anyone coming at me for my 2'x3' closet. I'm not paranoid, I'm not blaming RIU for anything, and I'm not going anywhere else. I'm not saying anything will ever come of some stupid hacker having email accounts other than spam. Just want to set the record strait a bit.
> 
> BUT.... to say this was ONLY a redirect hack is simply not true.


The ones receiving emails probably had the "allow users to send emails" checked or something. Of course I'm sure the RIU admins are working to discover what personal information may have been compromised as well as revising their data backup and incident response strategy.


----------



## missnu (Mar 16, 2012)

yeah...just worries me that they are trying to prevent these things after they happen....why happen in the first place...should there not have been a better defense, and in the last month I think it has not worked as much as it has worked...so eff it.


----------



## Rising Moon (Mar 16, 2012)

Bummer this happened. I lost everything...

I am back down to stranger and lost my rep.


----------



## IC3M4L3 (Mar 16, 2012)

i posted months ago about me getting emails thru my riu id and email addres AND THE EMAIL SED SEN MY NAME ON RIU but nothing was done.
againn having to roll bqak tp a febuary backup itrs trully lame and the admins/coders HOULD know better fuk im a coder and i even know to make backups daily or more than once every so fucking often.
user are rated on ther likes/reps new user know that theese people have been around and know a lot,,,and the site does not care about this? nothing was rectefied afterthed oggies thread was delted i kknow members whart lost 4k+ posts anything doen? lol no,
so them user who lost that many have now lost even more because sum1 cant be bothered to log into phpmyadmin and take a propper simple backup? or what its 2012 set it to autofuckingmatic?

say what u want about this posts but im RIGHT this is bad in soo many ways,
not a mention of recitifing post counts or likesof any admins ,not cool man


----------



## crazyhazey (Mar 16, 2012)

IC3M4L3 said:


> i posted months ago about me getting emails thru my riu id and email addres AND THE EMAIL SED SEN MY NAME ON RIU but nothing was done.
> againn having to roll bqak tp a febuary backup itrs trully lame and the admins/coders HOULD know better fuk im a coder and i even know to make backups daily or more than once every so fucking often.
> user are rated on ther likes/reps new user know that theese people have been around and know a lot,,,and the site does not care about this? nothing was rectefied afterthed oggies thread was delted i kknow members whart lost 4k+ posts anything doen? lol no,
> so them user who lost taht many have now lost even more because sum cant e bothered to log inot phpmyadmin adn take a porpper simnpl backup? or what its 1012 set it to autofuckingmatic?
> ...


am i developing dyslexia or all the words at the end fucked up.


----------



## jigfresh (Mar 16, 2012)

CharlieBud said:


> The ones receiving emails probably had the "allow users to send emails" checked or something. Of course I'm sure the RIU admins are working to discover what personal information may have been compromised as well as revising their data backup and incident response strategy.


I can't even find that option in my general settings, so not sure what you mean. And the emails they received were not from others' personal email accounts they were from @rollitup.org email accounts. Namely [email protected]... so someone was in the back end.

Again... I'm sure my email accounts are in the hands of bad peeps already from the playstation network getting hacked, and various financial websites that have been compromised as well. Not trying to rile people up... I don't think anything will come of it.

EDIT: Who care's about post counts? There are fucking morons with 10,000 posts, and pot geniuses with 150 posts. That's not how you tell if someone is worth listening to.


----------



## s7even (Mar 16, 2012)

yea that blows! but were still all here truck'n! just wish my grow journal was saved...


----------



## KushXOJ (Mar 16, 2012)

Next time can we at least catch dinner and a movie before you F*CK ME rollitup ?


Lol jk couldn't pass up that opportunity


----------



## Lucius Vorenus (Mar 16, 2012)

Next time hire me to do your upgrades. This won't happen.


----------



## MISSPHOEBE (Mar 16, 2012)

mugan said:


> you guys plz stop its embarrassing .


amen amen amen


----------



## crazyhazey (Mar 16, 2012)

KushXOJ said:


> Next time can we at least catch dinner and a movie before you F*CK ME rollitup ?


i like to be wined and dined before you take me to best buy and FUCK ME rollitup hahahahahahaha


----------



## dirtsurfr (Mar 16, 2012)

Maybe this was just a rouse to get rid of the influx of trolls they had??


----------



## Beansly (Mar 16, 2012)

dirtsurfr said:


> Maybe this was just a rouse to get rid of the influx of trolls they had??


In that case it didn't work...


----------



## crazyhazey (Mar 16, 2012)

Beansly said:


> In that case it didn't work...


probably did the opposite, now people have something else to bitch about.


----------



## dirtsurfr (Mar 16, 2012)

Beansly said:


> In that case it didn't work...


*dirtsurfr likes this....
*


----------



## polyarcturus (Mar 16, 2012)

first of all i dont appreciate the which ever mod deleted my post(abusing you powers again k0jin?) as i said the mods had been warned about thier vulnerability. as i am a free time programmer(no expert by any means ) the hacker did a very simple hack and on top of that corrupted the database. once again im going to say this MODS GET ON YOUR SHIT AND START WATCHING, A KID COULD HAVE DONE THAT SIMPLE HACK ATTACK.


----------



## crazyhazey (Mar 16, 2012)

polyarcturus said:


> first of all i dont appreciate the which ever mod deleted my post(abusing you powers again k0jin?) as i said the mods had been warned about thier vulnerability. as i am a free time programmer(no expert by any means ) the hacker did a very simple hack and on top of that corrupted the database. once again im going to say this MODS GET ON YOUR SHIT AND START WATCHING, A KID COULD HAVE DONE THAT SIMPLE HACK ATTACK.


this is why those mods also gave you the option to pm people


----------



## Johnnyorganic (Mar 16, 2012)

polyarcturus said:


> first of all i dont appreciate the which ever mod deleted my post(abusing you powers again k0jin?) as i said the mods had been warned about thier vulnerability. as i am a free time programmer(no expert by any means ) the hacker did a very simple hack and on top of that corrupted the database. once again im going to say this MODS GET ON YOUR SHIT AND START WATCHING, A KID COULD HAVE DONE THAT SIMPLE HACK ATTACK.


This was more than the work of script kiddies.

Anonymous seized the email database and spoofed an email yesterday morning to members ostensibly from [email protected]. Then they corrupted a months worth of data and redirected the posts to some random religious organization.

This was an organized attack and whoever did it had an agenda. 

What that agenda is, I cannot say.


----------



## obijohn (Mar 16, 2012)

Over the years most message boards I've frequented had something like this happen. Some people just get off fucking with others.

I don't care about losing some posts, most were just bullshit anyway.


----------



## polyarcturus (Mar 16, 2012)

it may have been organized, but they still used very simple methods.


----------



## calicatt79 (Mar 16, 2012)

whoever did it managed to fix the thread tools option....???? You can see the words now, strange....and what about the like button, wonder how that got corrupted?? OW


----------



## polyarcturus (Mar 16, 2012)

that could have been prevented. on the other hand if they where up to date with security there is the possibility that more information could have been gleaned from the attacker. annon it doesn't seem their style IMO, their after big corps and money mongers


----------



## unohu69 (Mar 16, 2012)

whatever it is, whoever is responsible... none of that really matters now. It is a HUGE pile of suck tho that we lost almost a months worth of data.

I didnt lose any rep points, but lost the comments associated with the recent ones. IM sure the "like" button will make its comeback, it is missed, and was last time they took it down. All recentlt added friends are still there. kinda shitty my "teaching others to roll" has reverted back to "stoner" but really, I am one, so I dont mind.

All in all, it is causing a lot of commotion here, and all the recent comments show it.


----------



## freemen5663 (Mar 16, 2012)

buzzkillllllllllllllllllllllllllllllll


----------



## Admin (Mar 16, 2012)

Sorry for the late response guys, I was up till 6am trying to see if we could recover the data out of our search server to no avail. Our search server stores everything in binary monde which we are unable to get back.

As for some of the emails that were sent out, no information was downloaded it was a simple newsletter command the attacker used to send emails to our database. Something to the effect of this $vbulletin->newsletter->send('all); And the posts that were replaced used a Replace Into command which just overwrote everything.

I do apologize that we did loose a month of data and the administrators that work for free on this website have been taking the brunt of it. All I ask is that you bear with us, I noticed alot of other cannabis sites were having the same issue if you need any help finding out where the hacks have taken please send send me a private message and I can walk you through on what to take out of your system.


----------



## phishtank (Mar 16, 2012)

This thread should be locked because it seems people are going to go on and on about how they got "fucked" and that this is some how RIU's fault. Let me explain something in very plain words you guys can understand. If the exploit was known...it would have been fixed. Obviously no one knew it existed...which is why its called a fucking exploit. It was not just an attack against RIU...but many forums. Its a group of hackers trying to spread a message....so they made sure they put links to those messages EVERYWHERE. The redirected the forum...changed all posts to show a link they wanted you to see...and they snagged the e-mail database from RIU so they could also get their message to you via e-mail in case you didnt see it here on RIU. It was not an attack against you. No one is going to sell your information. It was not the government. You are all perfectly safe. Yes it sucks we lost a month worth of posts and reputation...but life goes now. NOW STFU AND SIT THE FUCK DOWN. No wonder the movement to legalize MJ has been so unsuccessful. You guys see some contraversy and everyone freaks out. If we acted more like these hackers and made our fucking point know EVERYWHERE....we would get so much more accomplished. You're all sheep....the governemt, big pharma and big corps are your shephard.....bahhh sheep bahhhhhh


----------



## oftheCosmos (Mar 16, 2012)

cool story bro, anyways glad riu is back up


----------



## jigfresh (Mar 16, 2012)

yep... we're all sheep, lol. panties in a bunch much? I think peeps like you are the reason shit doesn't get done, someone says something that you don't agree with and you start calling people names saying we should lock the thread. What will that accomplish?


----------



## Rj41 (Mar 16, 2012)

If this was only a redirect hack, as mods and admin are saying, where'd the like button go? And why are the screen names all purple? And why are fonts and colors changed? 

Just wondering......


----------



## calicatt79 (Mar 16, 2012)

and how did the thread tools button get fixed? lol


----------



## Admin (Mar 16, 2012)

calicatt79 said:


> and how did the thread tools button get fixed? lol


Our coders were in there at the same time going through all the code when they were in postbit i told them to fix it


----------



## Admin (Mar 16, 2012)

Rj41 said:


> If this was only a redirect hack, as mods and admin are saying, where'd the like button go? And why are the screen names all purple? And why are fonts and colors changed?
> 
> Just wondering......


We rolled out a quick version with the css all set to default so we could try to get us back online as soon as possible. The redirect hack was easy to fix because they were nice about it, but that is until we realized that all the posts have been replaced.


----------



## F A B (Mar 16, 2012)

wow leave for a few days and come back and still trying to catch up with what has changed


----------



## dirtsurfr (Mar 16, 2012)

I just got 5 likes from some real old threads..
still no like.
2 days ago I got a call from Microsoft saying my computer was sending corrupt files,
I thought it was a hoax and I couldn't understand 1/2 the words coming from him and hung up on him......


----------



## F A B (Mar 16, 2012)

F A B said:


> wow leave for a few days and come back and still trying to catch up with what has changed


edit wtf im a stranger again with one post ok lost everything since i joined last month


----------



## Rj41 (Mar 16, 2012)

admin said:


> We rolled out a quick version with the css all set to default so we could try to get us back online as soon as possible. The redirect hack was easy to fix because they were nice about it, but that is until we realized that all the posts have been replaced.


I'm having difficulty believing that, as I was on the site when everything started happening.
All the things I mentioned happened BEFORE the site went down for repairs.

Something smells fishy to me.........


----------



## crazyhazey (Mar 16, 2012)

F A B said:


> edit wtf im a stranger again with one post ok lost everything since i joined last month


haha damn fab you got like 800 posts in a few days right?


----------



## dirtsurfr (Mar 16, 2012)

All that wasted time wasted......


----------



## F A B (Mar 16, 2012)

crazyhazey said:


> haha damn fab you got like 800 posts in a few days right?



i had almost 1000 post in a month and this makes my second post and lost every subbed thread 
this aint cool i got to start all over


----------



## phishtank (Mar 16, 2012)

Damn i wish i could cookie stuff all of the traffic on RIU. Talk about makin some money off of you folks.


----------



## F A B (Mar 16, 2012)

dirtsurfr said:


> All that wasted time wasted......



sure seems like it since everything i took time to post is gone so all the time i spent here really was for nothing


----------



## crazyhazey (Mar 16, 2012)

F A B said:


> i had almost 1000 post in a month and this makes my second post and lost every subbed thread
> this aint cool i got to start all over


yeah, i was subbed to like 30 when it was still runnin. and damn i had just got like 1300 posts or something and now im back to being a goddamn ganja smoker hahaha.


----------



## st0wandgrow (Mar 16, 2012)

k0ijn said:


> jforjustice.co.uk/banksters
> 
> 
> 
> ...


Anyone take the time to watch this video? That's some bat-shit-crazy stuff right there!

While I agree with some of the content of the video, the idea that all of us will be fitted with a micro-chip implant, and that the fake jews will kill 6 billion people on the planet is a little far fetched for my bullshit meter.


----------



## crazyhazey (Mar 16, 2012)

st0wandgrow said:


> Anyone take the time to watch this video? That's some bat-shit-crazy stuff right there!
> 
> While I agree with some of the content of the video, the idea that all of us will be fitted with a micro-chip implant, and that the fake jews will kill 6 billion people on the planet is a little far fetched for my bullshit meter.


i dont have bullshit tolerance, i watched that video for like 5 minutes and thought it was like illuminati shit or something, conspiracy theory is all the same. 
everyone in the worlds stupid as fuck and dont know how ridiculous they sound when their peers tell them they're right. i bet some paranoid schizophrenic made that video, hes trippin balls to think the US is gonna regulate microchip inplants or jews kill like 99 percent of our fuckin planet.


----------



## UncleBuck (Mar 16, 2012)

i find this all very difficult to masturbate to.


----------



## dirtsurfr (Mar 16, 2012)

UncleBuck said:


> i find this all very difficult to masturbate to.


Switch hands.....


----------



## blimey (Mar 16, 2012)

dirtsurfr said:


> Switch hands.....


*super like*


----------



## crazyhazey (Mar 16, 2012)

UncleBuck said:


> i find this all very difficult to masturbate to.


i was waiting for someone to say "well i dont"


----------



## cannabineer (Mar 16, 2012)

dirtsurfr said:


> All that wasted time wasted......


 Gotta spread my Nouveaux Likes around. That was f'in awesome. cn


----------



## phishtank (Mar 16, 2012)

If I had a choice I'd whipe out a good portion of the worlds population and would start regulating how many children people can have. overpopulation will be a problem soon.


----------



## Admin (Mar 16, 2012)

Allright Guys,

I am going to close this thread from all you hijackers  If you have any questions regarding what happened please send me a private message.

Admin


----------

