Good Bye Nectarine
category: general [glöplog]
Since I know, most of web servers are Linux (I haven't used nmap to check the OS that hosts nectarine.fr), and from long time ago /etc/passwd is shadowed. So, forget the idea of "plain text" /etc/passwd with password field in plain text, besides there is a very old OS running on nectarine.fr
By other hand, php uses its own databases with its own passwd, also mySQL (or whatelse) .. None of them uses plain text for passwd.
May be login/passwd combination was a silly joke. I don't think so.
By other hand, php uses its own databases with its own passwd, also mySQL (or whatelse) .. None of them uses plain text for passwd.
May be login/passwd combination was a silly joke. I don't think so.
aeko > don't you realize that nectarine users don't have shell accounts on the server ?
so it's not /etc/passwd but stored in the db
so it's not /etc/passwd but stored in the db
Yeah, it did for sure use plaintext to store passwords.
At least, you could have your password send to you in plaintext in case you forgot it.
Can't see how thats possible if it isn't stored in plain.
If we're to ressurrect nectarine (and for me, it doesnt really matter what domain
it pops up on), I think we need more than money, we need to chip in and offer
assistance.
I know Yes decided not to put in the effort. But if he could direct some volunteers to do some of the work, i'd like to chip in some hours a week.
I'd also like to offer diskspace if there is any problem storing/backing up.
--BM
At least, you could have your password send to you in plaintext in case you forgot it.
Can't see how thats possible if it isn't stored in plain.
If we're to ressurrect nectarine (and for me, it doesnt really matter what domain
it pops up on), I think we need more than money, we need to chip in and offer
assistance.
I know Yes decided not to put in the effort. But if he could direct some volunteers to do some of the work, i'd like to chip in some hours a week.
I'd also like to offer diskspace if there is any problem storing/backing up.
--BM
who are this guys ?
"the truth is out here" (x files guys)
hum hum ...
Moulders nerdy allies
blague à part, it's really the nectarine dead ?
Quote:
... so passwords were stored in plaintext?!
Nectarine was based on the SMF forum software which uses SHA1+Salts for passwords.
so far, yes
With php accounts for sites like nectarine, you generally store a password hash only in the database for security. It's crackable (quite quickly if you have access to rainbow tables), but secure enough to put people off unless they're really determined.
Storing passwords as plain text is at best a kind of a lazy/convenient way of doing it (getting the password hash is all of one line), and it leaves a HUGE security hole.
Storing passwords as plain text is at best a kind of a lazy/convenient way of doing it (getting the password hash is all of one line), and it leaves a HUGE security hole.
Axel, come to #scenemusic to talk with us about getting the nectarine data. there are enough people willing to help.
What network?
IRCNet.
I can't because i'm at work (and they don't allow chats, IRC etc here). And I would like to talk to Yes first. We have quite a bunch of folks internally who would like to help too, but it all comes down to Yes. Once we know what his plans really are, we can plan ahead.
Yeah, you don't have to come now... But if you're searching for people who want to help, come to the "channel with no website" at anytime :D
ok, excellent. We might need any help we can get. Also keep an eye on the Brainstorm website. Because currently we get a lot of questions there too and we'll post updates accordingly, and here.
This is just googles database that still associates nectarine with a scene radio station.
Thus it displays those adds.
Thus it displays those adds.
Geia sou nektarini, gia sou xyme apo portokali.
Saga: noone on #nectarine @IRCNET (us.ircnet.org) ??
Sorry scenemusic .. my bad
Kalh tyxh pagotini.
I don't get no bouquet-page here in Sweden but the site down message posted by Yes...
