1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Surplus and Adventure Sticky?

Discussion in 'Bushcraft Chatter' started by Wayland, Oct 27, 2011.

  1. Pandabean

    Pandabean Full Member

    Joined:
    Nov 10, 2006
    Messages:
    2,050
    Likes Received:
    0
    Location:
    North of Bennachie and a bit to the right, Aberdee
    I thought that was how they used to catch and ban spammers?
     
  2. Shewie

    Shewie Mod
    Mod

    Joined:
    Dec 15, 2005
    Messages:
    24,255
    Likes Received:
    12
    Location:
    Yorkshire
    The ISP address will do, we all have those
     
  3. Ahjno

    Ahjno Vice-Adminral
    Admin

    Joined:
    Aug 9, 2004
    Messages:
    6,831
    Likes Received:
    27
    Location:
    Rotterdam (NL)
    Spammers are usually caught by us with aid of SpiSe - unless they're reported by members.
     
  4. andythecelt

    andythecelt Nomad

    Joined:
    May 11, 2009
    Messages:
    261
    Likes Received:
    0
    Location:
    Planet Earth
    A few points to keep in mind.
    1. I have been lied to repeatedly by people working for this company and I'm not the only member here who has been. It makes me take anything said by any of their staff with a pinch of salt, rightly or wrongly.
    2. Why on earth would a hacker bother to go to all that trouble just to give me a bit of lip? It's just not logical.
    3. I've still not received any response to my (admittedly slightly tongue in cheek, see point 1 above) request that my issues with the company be dealt with here in public and not in private. In fact the only response I received was from the 'hacker'. That really is a remarkable coincidence.

    Can I have my money back now please?
     
  5. rik_uk3

    rik_uk3 Banned

    Joined:
    Jun 10, 2006
    Messages:
    13,320
    Likes Received:
    18
    Location:
    south wales
    Not if you use a proxy server I thought? Handy to have for accessing some US sites that don't stream to the UK.
     
  6. Wayland

    Wayland Hárbarðr

    Joined:
    Apr 18, 2005
    Messages:
    10,422
    Likes Received:
    801
    Location:
    A traveler of both time and space
    That sort of attitude seems to be exactly the problem.

    I'm sure you would like to remove your post now as it illustrates precisely the type of response that many members have reported from your company.

    As I said in my first post, I think it is time to make this thread sticky to protect our members from such appalling business practices.
     
  7. Tony

    Tony White bear (Admin)
    Admin

    Joined:
    Apr 16, 2003
    Messages:
    21,609
    Likes Received:
    388
    Location:
    Wales
    ok all, let's calm down a bit till we've sorted this out a little, there's no point having more fuel added to the fire, enough has been said already.
     
  8. Martyn

    Martyn New Member

    Joined:
    Aug 7, 2003
    Messages:
    5,252
    Likes Received:
    31
    Location:
    staffordshire
    It's of mixed benefit Rich. Tracking someones IP is only really any use if they use a service provider who issues unique IP's on each login. With ADSL it can be helpful as people often dont reboot their router for months, even years. But some turn it off every day, which results in huge long lists of IP addresses, each of which get dynamically reallocated to other users of the same ISP. Also, some ISP's like AOL use a proxy server and route all their customers through that, making it impossible to track an individual back further than the proxy without the help of AOL itself. Also people who use dialups have a different IP on each connect. Again these IP's get reallocated to others and are used dynamically, meaning you often see the same IP allocated to completely different individuals who just happen to be using the same service provider. Sometimes you can proves things, but it's rare. More often you just get circumstantial evidence which supports a suspicion, which is all that is needed usually. Sometimes you get nothing to go on at all. It all depends on the type of connection and the service provider being used.

    One thing I would say, is that in over 10 years of being a vbulletin admin, I have never known a genuine example of an account being brute-force hacked. Sometimes an individual may use a computer in a library, cafe or university and forget to log out, then another person clicks on a link in the browser history and gets logged in by the active cookie - but in this example, I think it's unlikely that the person used a library computer, if they are a web administrator, then they usually know to log out of such machines anyway. The person is using a domain email address, which means they either have domain control or an allocated email address from someone who has domain control - meaning they are authorised one way or the other. It's possible that the account on here was accessed on an office or shop computer and then left open and another employee wrote the messages, but that's not much better.

    In short, it's almost unheard of to have a vbulletin account brute-forced hacked, so that's out. It's possible a public computer was used and the user forgot to log out, but I doubt it (and an IP search would reveal the use of libraries/cafes/universities etc as they do use static IP's). It's possible a work computer was used and another employee made the comments - but I doubt it, why would they? The issue of "dont phone the shop, contact me directly" makes me smell a rat too. As Ged said earlier, that's not how companies do things. Web developers dont suddenly become complaints handlers (unless the owner, web developer and complaints handler are all one person). Lastly, the comments made in this thread are consistent with the history of the company and the numerous complaints made about their customer service and people skills. Conjecture mostly, draw your own conclusions, I've drawn mine. :)
     
  9. hedgerowpete

    hedgerowpete Nomad

    Joined:
    Dec 8, 2011
    Messages:
    275
    Likes Received:
    0
    Location:
    smethwick,birmingham,west midlands,pork scratching
    i had to get my YOUNG son to translate this into english, lol
    after reading the whole thread it does seam to sound like several companies i have heard about from several industries with questionable ethics. I come from a bee keeping forum and there is one person who has set up 4 companies one after another after each one fails, it does seem to be getting quite common, poor quality internet based services. shame realy as it does put one off from using this or other companies like them
     
  10. Martyn

    Martyn New Member

    Joined:
    Aug 7, 2003
    Messages:
    5,252
    Likes Received:
    31
    Location:
    staffordshire
    Sorry, what it basically says is I think our web developer is telling fibbs. ;)

    Forum accounts almost never actually get hacked. It's a very difficult thing to do, that requires a lot of time and effort from a determined and technically knowledgeable individual. Which begs the question, why would they bother? Accounts that get compromised are almost always a result of carelessness - not logging out after using a public or office computer. If someone else at surplus and adventure made these comments, you again have to ask why would they? They would risk getting sacked for the bad PR. Which leaves public computers, libraries, universities and the like. If none of the IP's resolve to such, then the only other possibility, is our man is telling fibbs.
     
    #70 Martyn, Jan 17, 2012
    Last edited: Jan 17, 2012
  11. ArmySurplusUK

    ArmySurplusUK New Member

    Joined:
    Jan 2, 2012
    Messages:
    16
    Likes Received:
    0
    Location:
    Worcester
    Can you tell me what IP address was found?
     
  12. calibanzwei

    calibanzwei Settler

    Joined:
    Jan 7, 2009
    Messages:
    885
    Likes Received:
    0
    Location:
    Warrington, UK
    It is even worth following up? General consensus is that either;
    a/ you're a 'representative' of a negatively thought of company (not surprising regarding the stories told within this thread and your own attitude)
    b/ a 'faker', trying to obtain client details by saying you're a/
    c/ someone who has 'hacked' this account or either a/ or b/
    d/ some combination of the above

    Lock teh thread ;D
     
  13. dwardo

    dwardo Maker

    Joined:
    Aug 30, 2006
    Messages:
    6,129
    Likes Received:
    170
    Location:
    Nr Chester
    Just incase this was missed.........
     
  14. Corso

    Corso Full Member

    Joined:
    Aug 13, 2007
    Messages:
    4,467
    Likes Received:
    84
    Location:
    kent
    hmmm what he said.
     
  15. Seoras

    Seoras Mod
    Mod

    Joined:
    Oct 7, 2004
    Messages:
    1,899
    Likes Received:
    40
    Location:
    Bramley, Hampshire
    Ok folks

    I have deleted two posts that contain links to hacking forums. Until I speak with Admin they will stay that way.

    Re the last few posts about calming down - Please do it.

    Cheers

    George
     
  16. Tony

    Tony White bear (Admin)
    Admin

    Joined:
    Apr 16, 2003
    Messages:
    21,609
    Likes Received:
    388
    Location:
    Wales
    It's very interesting that this thread has gone from issues with Surplus & Adventure to issues with bcuk, especially since we don't really have any, any system can be hacked but bcuk has not been, especially your account, it seems to me though that just to make sure we'll just make it completely unable to do anything so that any hacker gets bored, or maybe we should just delete it and have done.

    Looking at the first IP's they were via 'threembb.co.uk' which is likely a mobile device of some sort, now I'd imagine that your mobile is less secure than bcuk so that's probably the first place to look.

    I'll leave this thread open for now so that the actual issue of sorting out peoples purchases can be accomplished, if there's any more talk of someone else did this or that, the sites been hacked, etc etc, I'll ban the account, ban the IP's and do all the other stuff I can do and leave this for everyone to read including google.

    Everyone, please now keep to the issue of items that need refunding, replacing etc and do not wander off anywhere else, I really have had enough of this one, thanks.
     
  17. ArmySurplusUK

    ArmySurplusUK New Member

    Joined:
    Jan 2, 2012
    Messages:
    16
    Likes Received:
    0
    Location:
    Worcester
    Thank you, I quite agree, the thread should be about customer problems and as I said when I first posted on the forum my offer is still there for any customer who is unable to resolve his or her complaint by phone or email.
    I was going to suggest that a friend (someone I was at university with, who now runs an Internet security company) might take a look at the forums defences, but as you say why would anyone want to hack the forum. There is another possible way that the posts were made but let's get back to the original purpose of the thread!
    .
     
  18. mrcharly

    mrcharly Bushcrafter (boy, I've got a lot to say!)

    Joined:
    Jan 25, 2011
    Messages:
    3,246
    Likes Received:
    33
    Location:
    North Yorkshire, UK
    If I were the forum owner, no way would I let a random stranger, recommended by another stranger "take a look at the forum's defences".
    If there was a problem with the forum defences, then we would be seeing problems with more than one person's account.

    The fact that this has not happened suggests that the problem you have had must be entirely down to problems at your end.
     
  19. Martyn

    Martyn New Member

    Joined:
    Aug 7, 2003
    Messages:
    5,252
    Likes Received:
    31
    Location:
    staffordshire
    The forum hasn't been hacked, it's BS.
     
  20. Martyn

    Martyn New Member

    Joined:
    Aug 7, 2003
    Messages:
    5,252
    Likes Received:
    31
    Location:
    staffordshire
    Mate, if you want to move forward, then I would stop trying to blame forum security issues for the ill-advised comments either you, someone in your house or in your office made earlier in this thread. It's obviously BS and it's just irritating. A simple apology would have bought more grace. A wise man once said, if you find yourself in a hole, stop digging.
     

Share This Page