Branch (![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
branchandroot) wrote2011-10-27 02:49 pm
branchandroot) wrote2011-10-27 02:49 pm
Entry tags:
ARGH ARGH ARGH!
OMG, LJ YOU UTTER FUCKERS!
Not ONLY do they fuck up the latest release so it allows random people access to random other people's journals and HAVEN'T ROLLED THE RELEASE BACK, but NOW LJ-SEC CAN'T LOG IN. Because those remote log-in pathways that just changed?
AFFECT THE ONLY APPLICATION THAT CAN DO BULK DELETION OF LJ ENTRIES.
RAGE.
*breathing heavily* I can only hope that the lj-sec developer is a kind soul and releases an update soon. Because this is absolutely it, I'm not leaving my content on that service for another second than I have to. Nothing but public links to other sites!
ETA: It has been suggested by a party who wishes to remain unnamed, but who has some cause to know, that the reason a release like this will not be rolled back despite security failure is most usually that this release fixes some /other/ security bug that was being actively exploited. Additional recommendation: try logging out of LJ and not logging back in until it's fixed. This would kill one possible cause of the mad account access swapping. If it's another cause, apparently we're fucked until LJ's worker bees can scramble a fix. *sighs*
Not ONLY do they fuck up the latest release so it allows random people access to random other people's journals and HAVEN'T ROLLED THE RELEASE BACK, but NOW LJ-SEC CAN'T LOG IN. Because those remote log-in pathways that just changed?
AFFECT THE ONLY APPLICATION THAT CAN DO BULK DELETION OF LJ ENTRIES.
RAGE.
*breathing heavily* I can only hope that the lj-sec developer is a kind soul and releases an update soon. Because this is absolutely it, I'm not leaving my content on that service for another second than I have to. Nothing but public links to other sites!
ETA: It has been suggested by a party who wishes to remain unnamed, but who has some cause to know, that the reason a release like this will not be rolled back despite security failure is most usually that this release fixes some /other/ security bug that was being actively exploited. Additional recommendation: try logging out of LJ and not logging back in until it's fixed. This would kill one possible cause of the mad account access swapping. If it's another cause, apparently we're fucked until LJ's worker bees can scramble a fix. *sighs*
no subject
no subject
no subject
Yeah...their explanation seems fishy to me.
/end rant of fellow developer/sysadmin
no subject