theposse.org: Firefly is back

Firefly is back

Posted by jworisek at 2005/06/16 12:25:05 CDT
Edited at 2005/06/16 12:25:59 CDT

Im sure everyone has heard of it by now, but Scifi is picking up season 1 of Firefly and airing it starting Friday July 22. So unfortunately some of you will have to tivo that bitch since we dont get it up at my cabin. Oh, and they are airing 3 episodes never released as well.

http://www.tv.com/story/story.html&story_id=335 (yeah, I'm lazy)

Oh, on second though, we might be able to pick it up since we are borrowing a dish receiver for the summer... But probably not if there are any ladies up that weekend.

Or maybe im not lazy... Nice job on making it automatically recognize links without additional code.

2005/06/16 12:46:33 CDT by jworisek

One small bug, but if you put in the wrong username and request the password by email, it says the email is sent even though theres no account for that username.

2005/06/16 16:30:46 CDT by burn

The man signs up and finds a bug. give that man a golden star.

2005/06/16 16:45:10 CDT by mattsteg

Quote from burn:

The man signs up and finds a bug. give that man a golden star.

How about a golden shower?

2005/06/16 18:42:47 CDT by Temporal

Quote from jworisek:

One small bug, but if you put in the wrong username and request the password by email, it says the email is sent even though theres no account for that username.

Hmm. Conventional security wisdom says that you should not provide hackers with an easy way of figuring out whether or not a particular username is valid. Like, most systems that request a username and password will give the same error message for invalid usernames and invalid passwords, for security reasons. Along the same lines, I wrote the password generator system to say that the e-mail was sent even for invalid usernames...

But, actually, since then I've decided that that rule is more trouble than it's worth. It's really just security by obscurity, and it's not hard to figure out what user names you want to crack by looking at any of the hosted sites.

In short: It's a feature, not a bug... but you're right that it shouldn't work that way.

2005/06/16 20:38:58 CDT by burn

Quote from mattsteg:

How about a golden shower?

I retract my golden star request and second the golden shower motion from the fair representative of Minnesota.

Temp: I now realize that the "bug" is in fact a "feature"... however I noticed that www.evlan.org has not updated its security section to report this new "feature." :p

2005/06/16 22:43:19 CDT by Temporal

It's not a new feature. I wrote it that way in the first place. There's nothing to update. evlan.org has no security section. This feature/bug actually makes the system more secure, not less.

2005/06/17 00:38:44 CDT by Mojo

Hmm you can't quote the Original post. any way...

You do know that FireFly DVDs are out:
http://www.bestbuy.com/site/olspage.jsp?skuId=6096681&type=product&id=1324175
Rather Cheap too - $35 for a really damn good TV show. Hopefully I get ebay tickets to the movie rather cheap (god bless www.cantstopthesignal.com ) though I wasn't aware that they were haven't a 3rd showing, last one as a month ago. Some friends went to that and said it was really kickass awesome, though they paid about $100 a ticket, I hope to not have to pay that much, 30 is probably the max I will go.

Batman Begins, kicks ass, [/rambling post]

2005/06/17 09:40:36 CDT by jworisek

I understand what you mean about the security of it. My problem was that I used Cow on the old posse site and forgot I switched it, so I requested the password for Cow and then checked all my email accounts and didn't see anything. So then I went to scouring the site looking for an admin email/message option. Thats when I noticed that I registered a different name for this one. I was just worried that I had mistyped my email addy or something.

Can anonymous users leave messages on here?

2005/06/18 00:23:08 CDT by Temporal

Yeah, like I said... It would probably be better to make it say if the username is invalid. But I'm not going to bother for now. :P

No, anonymous users cannot post. But, anyone can register a new username and then post.