James Greer medal 5000 6 years 339 days ago
it's missing because someone took it out
Jack Basford medal 5073 
CEO & CTO 6 years 339 days ago
Assuming it really was done with malintent and this wasn't just a bad paste or something, I'm not convinced it was done by modifying the forum post. There's absolutely no evidence that it was done by compromising an account with the privileges to modify forum posts. Also, modifying one line of one forum post in an obscure forum would be a pretty lame way to use such powers, if you wanted to do damage.
JavaScript injection actually would be the more likely route, since all of the JavaScript code is exposed and available to anyone in the browser. Specifically, modifying the function which updates the URL in the address bar. You could easily make it say "gpmanager.com" instead of "igpmanager.com" - then as James pastes the link, that's the end result. Maybe on one session he triggered this injected code somehow and on the other he didn't, which is how two different links came up as well.
This is all hypothetical, though. Until more evidence surfaces (there isn't any at this point) it's hard to say for sure what happened. It could just as easily be a bad paste and nothing more, where delete was accidentally hit while the caret was in the wrong position on the post.
James Greer medal 5000 6 years 339 days ago
But last night when I first posted, it was working fine because I used it to shortlist the driver
Jack Basford medal 5073 CEO & CTO 6 years 339 days ago
I can see that your post wasn't edited. We keep logs of that stuff. If it was modified in some way then it wasn't done in the interface by a moderator or admin account, and not even by your account, or any other for that matter.
If the link was perfect yesterday then that would leave the only possibility as SQL injection. But that would be a lame way to use such powers as I said above.
James Greer medal 5000 6 years 339 days ago
Only reason I clicked it today was to see if they had both been hired or not as Mateus was looking for a driver. Also it's an unsecured post where this one has a padlock
Jack Basford medal 5073 CEO & CTO 6 years 339 days ago
The unsecure thing just means it is a page that contains mixed http and https contents/links.
In the case of that thread it's because of the emoticon you included with a http URL:
http://4.bp.blogspot.com/-0y2vp5Za2yc/UZVbE76kqBI/AAAAAAAAD90/cNV7cR1WFjI/s1600/winking-face-facebook-symbol.png
It doesn't indicate that anything is actually unsecure on that page, though.
James Greer medal 5000 6 years 339 days ago
cant be edited without system flagging it then?
Jack Basford medal 5073 CEO & CTO 6 years 339 days ago
Not by an account, no. The edit would have to be directly with the database. Such access would give you the power to do anything, like delete all the forum posts, and it would be much easier to do that than to go in and edit a specific forum post to adjust one link in this way.
I'll keep an open mind because we've seen the competition are willing to do pretty much anything in recent months, but this does seem quite unlikely.
Jamie R medal 5000 6 years 339 days ago
Can I suggest in the mean time that someone either fixes or deletes the incorrect link from the original thread? Regardless of how it was changed, it is potentially redirecting people to a nefarious website.
Guest