We have detected that cookies are not enabled on your browser. Please enable cookies to ensure the proper experience.
Page 2 of 3 FirstFirst 1 2 3 LastLast
Results 26 to 50 of 66

Thread: Forum Problems

  1. #26
    Join Date
    Nov 2010
    Posts
    3,027
    Since the forums works better being logged off, I suggest a workaround: log in only to reply or use another mylotro features tied to your account

    I found this is very helpfull as self censor

    /submit try1

  2. #27
    Join Date
    Jun 2011
    Location
    Yorkshire UK
    Posts
    863
    Quote Originally Posted by Khafar View Post
    And as bad as all of that is, it's not as bad as the worst revelation Darmokk pointed out in the last of these threads. I won't repeat it here, but those who are curious can go look. He was correct, and I was not (when I took a closer look at a packet capture). I reported my own post and sent details of the issue to the community relations team, and never got a PM back on the matter. I certainly hope it's as important to them as it should be... it's not the sort of thing that should wait until whenever they can relaunch the "new new" forums.
    Khafar
    It's a sad state of affairs when people have been cowed into not speaking about a serious forum security issue which could result in account details being stolen, and even sadder that Turbine are refusing to openly address it, when the evidence is clearly available on other sites for people to see. Apparently people here aren't allowed to warn others how to protect themselves from the security flaw. Kudos for you though Kafar for admitting you made an oversight.

    I've been around here a while and seen many of Nymphonic's posts - most people know him as one of the most levelled headed of the forumites, and he usually sees the good in most things Turbine does ( which isn't a criticism ), and the fact that Turbine have managed to put him off-side says a lot. As usual though the approach seems to be to brush it under the carpet and if anyone notices and points it out, threaten them into silence. Unfortunately though it's starting to back fire on them as these issues ( and how Turbine deals with them ) are starting to be picked up by more are more external sites.

    Turbine need to own up to the problems, say what's being done and how users can best protect themselves / work around the issues, and most of all stop threatening people for speaking up about it. People are generally forgiving of mistakes, not so much when they are covered up and effectively told to keep quiet about them or else.
    Last edited by monteeburns; Mar 03 2013 at 01:17 AM.

  3. #28
    Join Date
    Feb 2007
    Posts
    12,677
    Quote Originally Posted by Nymphonic View Post
    THE FORUMS ARE NOT FUNCTIONING PROPERLY.
    I don't think they can hear you. Let me try:

    THE FORUMS ARE NOT
    FUNCTIONING PROPERLY!


    Yikes. It took me 53 seconds to open this post, and the last 3 posts I've made tonight each resulted in a forced logout before I was able to log back in and post (thanks to Ctrl-A Ctrl-C). It seems far, far worse when I'm writing a long post... perhaps there's a short timeout when the form is open? Whatever it is, it's hugely aggravating.

    Of course, it doesn't help that the logout bug is causing more exposure to other problems. Major problems.

    Khafar
    Last edited by Khafar; Mar 03 2013 at 01:34 AM.

  4. #29
    Join Date
    Jun 2010
    Posts
    1,240
    The security issue is that someone can get both your username and your password. The forums send it unencrypted, so someone could get it and then get into your game account. This is not a good thing to hide from the community. Instead they should fix it.

  5. #30
    Join Date
    Feb 2007
    Posts
    12,677
    This is not a good thing to hide from the community.
    No, it's not. I presume they don't want to "advertise" security issues, but come on. That tactic only sounds reasonable if you're holding off briefly to get a hotfix in place. Not when you're talking about reworking the forums some vague amount of time in the future.

    People need to know that keeping their game and forum access on secure networks is important. When playing LOTRO and especially when posting on its forums, never post from a public machine like an internet cafe. Never use an open or unencrypted private wi-fi. Keep your virus scanner up to date, and run malware scans regularly. Change your password often, and make sure it's non-trivial. Etc.

    Khafar
    Last edited by Khafar; Mar 03 2013 at 02:42 AM.

  6. #31
    Join Date
    Jun 2011
    Location
    Yorkshire UK
    Posts
    863
    Quote Originally Posted by Khafar View Post
    No, it's not. I presume they don't want to "advertise" security issues, but come on. That tactic only sounds reasonable if you're holding off briefly to get a hotfix in place. Not when you're talking about reworking the forums some vague amount of time in the future.

    People need to know that keeping their game and forum access on secure networks is important, especially now.

    Khafar
    The most disheartening thing is that after the last major security breach here ( which they also attempted to brush under the carpet ), nothing seems to have been learned from that.
    Other MMO's have had security breaches, but they have been honest about them, and put in measures to ensure they don't happen again. There is no way Turbine cannot have not seen this is a problem for a long while now, even without others showing them the evidence. If they are deliberately evasive about matters which involve people's accounts, how can people have any confidence they are being upfront about what else they say? This is exactly why many don't trust Turbine. I don't believe Turbine has placed any priority on security, and that the forum is only being addressed now ( so they say, but we've heard that before ) because of so many complaints, and not because they place any importance on protecting accounts. Actually they have denied there is any potential security issue and blamed people for pointing it out as 'starting trouble'. The timing of closure of the last thread was convenient at best, and could be perceived that it was closed at that time specifically to make it look like there was no problem, without giving chance for the person with the evidence to show it. As a the result that his proof has now been picked up by a couple of external sources.
    It's their forum and their rules, but it would have been much better for Turbine to deal with it honestly here. The end result is the same, word gets out to other sites about the issue, except now those sites also note that Turbine tried to hide\misrepresent the issue on their forums, instead of having an open discussion. Security issues come and go and companies get over them, but a reputation for not being honest is one that is hard to shake in the long term.
    Last edited by monteeburns; Mar 03 2013 at 03:30 AM.

  7. #32
    Quote Originally Posted by Nymphonic View Post
    Apparently I purposely inflame the community over this issue.
    As already pointed out, they are doing great job on inflaming the community over this issue on their own without any of your help.
    And I wont even go into security issues. Not everyone on internet has attention span of a goldfish as Turbine seems to think, I remember perfectly well security breach a few years ago and a number of posts about hacked accounts after that. I was in quite a small kin back then and even 2 of my kinnies were hacked out of the blue, I dont think they ever got reimbursed for all they lost.

    So yes, for somebody who offers the service you have to pay real money for Turbine is playing a dangerous game when trying to sweep things under the carpet.

  8. #33
    Join Date
    Jun 2008
    Posts
    4,405
    I hope the issues actually get addressed this time, rather than another close/hide/lock move.

    Yes, it only affects a minority of players, because only a minority of players use the forums.

    Less trying to be clever, more straightforward communication on this issue would be nice.

    At the very least, you might try finding someone to resolve the whole "our passwords aren't encrypted thing". Perhaps the young German lad who pointed out the last security flaw?

  9. #34
    Join Date
    Apr 2011
    Location
    Michigan
    Posts
    5,531
    Quote Originally Posted by Nymphonic View Post
    That was possibly me. Hard to though, the number of posts bringing this issue up seem to be on the rise. But according to Turbine, it is only a small number of people that have this problem.

    I'm not buying that at all.

    This is my number one pet peeve. Grrrrrrrrr.......
    Of course, how many people of the entire playerbase even use the forums? Likely not much. I scarcely knew they existed for almost the whole first year after I started playing. And even then I didn't have much cause to use them. So, of the small fraction of the entire playerbase that uses the forums... how many even think to mention it? Some may not care or think its just a fluke. Or whatever. When it gets down to actual numbers, the amount of people reporting it is likely far far less than the amount of people who have the problem. Probably works the same way in game. If most players don't care to report some glitch and only a handful actually do send a bug report telling the team "There is a goblin stuck in the wall at XYZ!", I imagine that particular bug won't be high on the list of things to work on.

    Another issue is having to click a button twice to get there. I have the lotteries bookmarked and on my bookmark toolbar. I click the button, it loads the lotteries. Then I click the Forums tab. It decides that instead of going to the forums it will just reload the lottery page. Then I have to click the Forums tab again to actually get there. Works the same way with other tabs as well (at least the first time I get on; once I'm on and have been browsing it doesn't seem to be an issue). And then of course, having to wait longer than we should have to in order to load any page and having to do it twice to actually reach the place you want to go... *facepalm*
    R5 105 GRD Marevayave - Leader of Riddermarked For Death
    R8 105 MNS Fayah/100 LM Siennah/105 HNT Dinenol/100 RK Dhurik
    100 CHN Alachas/85 CPT Dinfaerien/60 BUR Dhax/62 WDN Godoric
    R9 105 MNS Fayeh (alt Wilya) - Lonely Mountain Band @ Landroval

  10. #35
    Join Date
    Sep 2009
    Location
    Boston
    Posts
    3,550
    I am weighting the pros and cons of disclosure here, and came to the conclusion that disclosing the information is the better solution.

    The forum login is entirely unencrypted now and it leaks your password, which is your game and account password, to everybody who is on the same non-switched network or might be listening on a network path. In particular this means anybody on a Starbucks wifi can intercept your password with no special tools required.

    I believe it is better to disclose this information so that people can stop using the forums in Starbucks until this is fixed. This issue was not introduced with the forum change of doom that also had the login problems. At that time we had discussed it and although it did look unencrypted at the time it wasn't since the form target was https after all. This has changed since then and the login is definitely unencrypted now. Turbine is aware of the issue but declined to comment.

    I should clarify that the game login is encrypted, as well as the account management login. Of course that useless if you leaked the password for all of this via the forum login.

    P.S. if you agree that this disclose is useful I would appreciate some +rep. Because I get slammed with anonymous -rep by some dorks every time this comes up.
    Last edited by Darmokk; Mar 03 2013 at 01:23 PM.

  11. #36
    Join Date
    Jan 2011
    Posts
    158
    If I could give rep I would. Sorry.

  12. #37
    Join Date
    Jan 2011
    Posts
    2,050
    I'm a patient person, but the last few days of using the forums has put me firmly in the "forums are a disgrace and need to be fixed" camp. It's been way too long.
    “All that is gold does not glitter,
    Not all those who wander are lost;
    The old that is strong does not wither,
    Deep roots are not reached by the frost."

  13. #38
    Quote Originally Posted by Darmokk View Post
    P.S. if you agree that this disclose is useful I would appreciate some +rep. Because I get slammed with anonymous -rep by some dorks every time this comes up.
    I personally disagree with this forum rep system, hence why I have mine disabled and never use it on others, but this time I believe its for a very good cause. Done.

  14. #39
    Join Date
    Feb 2007
    Posts
    12,677
    Quote Originally Posted by Darmokk View Post
    if you agree that this disclose is useful I would appreciate some +rep
    Done. I would have corrected my post in public on that last thread, but it was unfortunately Closed.

    (Speaking of forum rep, I'm now wishing I could have capped mine... Khafar "the Beloved"? Ack. "a Light from the Shadow" was so much better - maybe it's finally time for me to turn that off ).

    Khafar

  15. #40
    Quote Originally Posted by Darmokk View Post
    P.S. if you agree that this disclose is useful I would appreciate some +rep. Because I get slammed with anonymous -rep by some dorks every time this comes up.
    On attempting to give you rep I discovered I had been logged out of the forum...

    /irony

  16. #41
    Join Date
    Jun 2011
    Location
    Hameldaeme
    Posts
    506
    Quote Originally Posted by Darmokk View Post

    P.S. if you agree that this disclose is useful I would appreciate some +rep. Because I get slammed with anonymous -rep by some dorks every time this comes up.
    +rep from me.

  17. #42
    Quote Originally Posted by Nymphonic View Post
    I bet I'm more angry. Apparently I purposely inflame the community over this issue. I'm still really hot about that. This isn't a case of balancing gameplay or tweaking loot drops.

    This is an actual service that I paid for that is not working. How simple can I say it? THE FORUMS ARE NOT FUNCTIONING PROPERLY.

    Turbine, I'm telling you straight. Game forums are a major part of my enjoyment(hence my 12k posts). From the sad performance issues and the way you guys have treated this issue and me, I will never recommend this game to anyone.

    Awesome game, horrible forum page. What's more than a horrible forum page is how they handle it. Bad public relations, very bad.
    Unfortunately, thats how it is around here when you speak the undeniable truth. You get beaten like a red headed stepchild. Unless your name is Benjamin, you will find no love around here.
    [COLOR=#ff0000][I]All my devotion betrayed, I am no longer afraid
    I was too blinded too see, How much you've stolen from me

    [/I][/COLOR]

  18. #43
    Join Date
    Nov 2012
    Location
    Vienna
    Posts
    119
    FIX THE FORUMS....ah yes - before that send me my 750TP´s
    LAURELIN - Rangers of Eriador
    Rehmo - MIN | Duranium - HNT | Junoriel - LM | Rehmli - CHP | Duravir - BEO | Tempezzt - BUR

  19. #44
    Its sad that there is an depressing inevitability to the path this thread will take. If it follows the cycle of the last one, or the one before, or....(you get the idea), it will get moved to a lower traffic (more appropriate) part of the forums, then be allowed to slowly peter out or get quietly closed. I suppose I cannot disagree with that as ultimately, we are on Turbine's forums, and they deal with things as they choose.

    The problem is that in a week, or three, someone else is going to have a bad day on the forums, post a new thread and the cycle starts again. This is going to naturally keep happening until one of two things happens either: A -- they actually fix the forums, or B -- they pull a fight club on us (the first rule of the forums...). Obviously we hope for A as soon as possible, and I hope that they don't go for B, despite the regular irritation these threads probably cause.

    In the last thread we at least got some indication that the forums and all of the associated systems are being looked at, but from the feel of that and other comments we are looking at a medium term solution at best. That is where the real issues begin for me. People have already pointed out that in their current state the forums have a negative effect on current users, by either raising the blood pressure when things inevitably go wrong, or by stopping them using them completely.

    Worse is the possibility of driving away potential new players. Personally I hit the official forums of any game I am considering playing to get a feel for what I am getting into. Someone seeing the wrong side of the forums could make all kind of incorrect assumptions about the game.

    Lastly, you have 'the other problem'. Until things are fixed, even the possibility of someone finding a way/choosing to exploit it is a sword hanging over our heads.

    So what to do about it? I'd suggest taking the forums down until they are fixed, but I am guessing the way things are interconnected they'd have to take much more than just the forums down to the point it is impractical. In any event they are not broken for everyone, so they will limp on. All we can do is hope they are fixed PDQ.

    Edit: Speaking of depressing inevitability; I'll give you three guess what happened when I posted this (you'll only need one )
    Last edited by Carolas; Mar 03 2013 at 06:28 PM.

  20. #45
    Join Date
    Oct 2010
    Posts
    61
    One thing I always do is copy my post before actually posting because of the sorry state of these forums.
    Click,wait,no change,click,wait,sometimes it loads,sometimes not.
    I'm sure it has nothing to do with the staff(At least I hope not)but these truly are some of the sorriest forums I've ever encountered as far as functionality.
    Forums should not be difficult to fix at all,ever.
    No idea why they are in the state they are but let's be honest about it.There is no suitable excuse.
    Anyway,all this has been said/done before....same ole stuff,different day.



    Last edited by The_Carolinian; Mar 03 2013 at 06:50 PM.
    [charsig=http://lotrosigs.level3.turbine.com/0c21400000005f9af/01003/signature.png]undefined[/charsig]
    ^^Will this thing ever update?^^

  21. #46
    Join Date
    Jun 2011
    Posts
    1,110
    To be fair to Turbine, I think it's pretty safe to say that they're aware the forums aren't working as well as they'd like them to, and haven't for quite some time now.
    I mean, Sapience himself has said that they are taking a look at a ground up rework of the forums.
    That's going to take time if issues keep cropping up.

    I'm not sure, either, that it's entirely wise for Turbine to broadcast that they've got an unsecured forum login.
    At this point, though, we in the community are aware that there are issues with it.
    I'm not sure when the forum login changed from encrypted to unencrypted, I'm sure there's someone out there with that information.

    And this leads me to my last point:
    What would you do if you were in Turbine's shoes and you knew it wasn't a quick or easy fix?
    Take forums down until the secure login is back?

    I can see there'd be a lot of teeth gnashing over it should that happen.
    Hir i Meigol Bruinen/High Council Member of the EoI/Of the Exiles of the Hidden City/Meigol Bruinen, Uncle Seregnin's Misguided Children, Curse the name of Maeglin, the Treacherous Villain, forever, may he rot in the Halls of Mandos for all time....
    Player Councillor. http://www.swtor.com/r/XWNQXP is my refer-a-friend link for SWTOR.

  22. #47
    Join Date
    May 2007
    Location
    Ontario, Canada
    Posts
    1,587
    But it's just so frustrating!
    I had a long sympathetic post for the "I give up" thread, only to hit reply and everything is suddenly blue.

    Maybe a weekly update on what is being worked towards on the forum issues? Would it help?

    I am now going to wait a couple weeks before replying on the forums, it's that frustrating.

  23. #48
    Join Date
    Feb 2007
    Posts
    12,677
    Quote Originally Posted by VoronturEU View Post
    What would you do if you were in Turbine's shoes and you knew it wasn't a quick or easy fix?
    Take forums down until the secure login is back?
    Yep. There's really no way any competent web developer could fail to figure out how to get back to secure logins (including investigation, fixes, and in-house testing) within 2 or 3 days. After all, it wasn't always like this. They broke it somehow, and going back to look at the source code revisions for every file anywhere near the login page (or web server config) should tell them what they need to know.

    I can see there'd be a lot of teeth gnashing over it should that happen.
    Actually, if they were straight with people and said "It's been brought to our attention that our forum login has a security issue, and we'll be down for a few days until we can get that fixed. Please bear with us, and we'll see you all back on the forums soon!"... I'll bet they'd get far more support than "knashing of teeth". There really isn't any "upside" to handling it this way.

    Khafar

  24. #49
    Quote Originally Posted by VoronturEU View Post
    And this leads me to my last point:
    What would you do if you were in Turbine's shoes and you knew it wasn't a quick or easy fix?
    Take forums down until the secure login is back?

    I can see there'd be a lot of teeth gnashing over it should that happen.
    Nuke them from orbit; its the only way to be sure.

    Actually came back for a final winge, but couldn't resist.

    I was trying to think what I would do when I posted earlier. If you could take down just the forums, I'd do it and put up some temporary ones using some standard forum software until things are fixed. If it is take down everything or nothing; I'm back to my first option above.

    Speaking of the winge -- I think I have angered the spirits of the forums. Just had a 4 minute and counting load time (new record). Gave up and came back, to get logged out.

  25. #50
    Quote Originally Posted by VoronturEU View Post
    And this leads me to my last point:
    What would you do if you were in Turbine's shoes and you knew it wasn't a quick or easy fix?
    Take forums down until the secure login is back?

    I can see there'd be a lot of teeth gnashing over it should that happen.
    Yes the should take the forum down till they fix the issue.

    Right now someone could get your login details from this they could access your account and if you have a credit card on file they could commit credit card fraud.

 

 
Page 2 of 3 FirstFirst 1 2 3 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

This form's session has expired. You need to reload the page.

Reload