MyBB Vulnerability Releases
#42
I completely understand why the MyBB dev's would like to keep this information from the public but at the same time if I was in labrocca's shoes with a forum the size of his I would want to be given the chance to patch/mitigate the exploit myself. There's always a risk involved regardless which direction the MyBB dev's take, but maybe offering a program for big board owners and trusted members to be looped in earlier than the general public would be a good middle ground so that the people would would be impacted the most would be able to opt-in and stay ahead of the exploits while keeping malicious users in the dark still. Heck I'm sure the big board owners would be fine with a membership fee to such a mailing list which would also help support faster turnaround times for security patches.

A great example of responsible disclosure to trusted parties is CloudFlare and their WAF feature that will apply patches to 0-day exploits before software developers have a chance to roll out a security update. Software developers loop in CloudFlare prior to the general public and they can push out an update to their users to block said exploits quietly offering a big level of protection to the internet without revealing unpatched exploits. Of course CloudFlare is at at a different level, but surely there are some people still in the community that have earned the trust of the MyBB devs over the years right? Smile
-Joe
AFreeCloud - Free Cloud-Based Web Hosting!
Reply


Messages In This Thread
MyBB Vulnerability Releases - by labrocca - 2019-06-16, 01:01 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-16, 01:25 AM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-16, 01:36 AM
RE: MyBB Vulnerability Releases - by labrocca - 2019-06-16, 01:40 AM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-16, 03:32 AM
RE: MyBB Vulnerability Releases - by Euan T - 2019-06-16, 02:07 PM
RE: MyBB Vulnerability Releases - by labrocca - 2019-06-16, 07:33 PM
RE: MyBB Vulnerability Releases - by Euan T - 2019-06-16, 09:20 PM
RE: MyBB Vulnerability Releases - by Devilshakerz - 2019-06-17, 05:53 PM
RE: MyBB Vulnerability Releases - by xerotic - 2019-06-17, 08:15 PM
RE: MyBB Vulnerability Releases - by labrocca - 2019-06-17, 08:08 PM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-17, 08:12 PM
RE: MyBB Vulnerability Releases - by codedude - 2019-06-17, 08:40 PM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-17, 08:24 PM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-18, 01:59 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-18, 07:05 AM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-18, 07:37 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-18, 06:23 PM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-19, 01:05 AM
RE: MyBB Vulnerability Releases - by Devilshakerz - 2019-06-17, 09:05 PM
RE: MyBB Vulnerability Releases - by xerotic - 2019-06-17, 09:26 PM
RE: MyBB Vulnerability Releases - by Devilshakerz - 2019-06-17, 09:59 PM
RE: MyBB Vulnerability Releases - by makpaolo - 2019-06-18, 02:13 AM
RE: MyBB Vulnerability Releases - by Wildcard - 2019-06-18, 07:29 PM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-19, 01:46 AM
RE: MyBB Vulnerability Releases - by sarisisop - 2019-06-20, 08:44 PM
RE: MyBB Vulnerability Releases - by Wildcard - 2019-06-20, 09:58 PM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-21, 02:13 AM
RE: MyBB Vulnerability Releases - by frostschutz - 2019-06-21, 07:14 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-21, 10:41 AM
RE: MyBB Vulnerability Releases - by Wildcard - 2019-06-21, 10:59 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-21, 01:03 PM
RE: MyBB Vulnerability Releases - by Wildcard - 2019-06-21, 02:27 PM
RE: MyBB Vulnerability Releases - by Ashley1 - 2019-06-21, 08:23 PM
RE: MyBB Vulnerability Releases - by s3_gunzel - 2019-06-22, 08:04 AM
RE: MyBB Vulnerability Releases - by Serpius - 2019-06-22, 10:30 AM
RE: MyBB Vulnerability Releases - by Wires - 2019-06-22, 02:11 PM
RE: MyBB Vulnerability Releases - by 0xB9 - 2019-06-22, 04:27 PM
RE: MyBB Vulnerability Releases - by Tactrus - 2019-06-22, 06:22 PM
RE: MyBB Vulnerability Releases - by reed - 2019-07-01, 08:53 PM
RE: MyBB Vulnerability Releases - by KuJoe - 2019-07-14, 02:18 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)