Cruisers Forum
 


Old 28-08-2016, 01:15   #1
Registered User

Join Date: Jul 2010
Location: Hannover - Germany
Boat: Amel Sharki
Posts: 2,541
OpenCPN Homepage hacked

It seems the official OpenCPN homepage is hacked.
Open this link and see for yourself: | Official OpenCPN Homepage

Especially Windows users should be warned to download anything from OpenCPN | Official OpenCPN Homepage

This website is not a safe address. Safe websites use https:// instead, and not http:// as opencpn.org does.

Gerhard
CarCode is offline   Reply With Quote
Old 28-08-2016, 01:24   #2
Registered User

Join Date: Jul 2010
Location: Hannover - Germany
Boat: Amel Sharki
Posts: 2,541
Re: OpenCPN Homepage hacked

For Windows users who are now afraid to navigate to opencpn.org, here is a screenshot from today.

Gerhard
[Attached screenshot: OCPNhackkl.png]
CarCode is offline   Reply With Quote
Old 28-08-2016, 04:21   #3
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

CarCode, I agree that the website should use https. How do we know it is not a user? Pavel indicated it was bots last time.
There is a lot of everybody's work here. Is it backed up? Is someone trying to damage O reputation? We need to get this addressed. Wish I could help.
rgleason is offline   Reply With Quote
Old 28-08-2016, 04:23   #4
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

I think we should also be updating the website interface to address some of the security issues. It is quite old.
rgleason is offline   Reply With Quote
Old 28-08-2016, 04:27   #5
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Also AWS is a great way to back up. If you set it up to remove older copies on a rolling schedule it may cost $1-2 per month. We pay less than $1 per month and have 6 months of backup.
rgleason is offline   Reply With Quote
Old 28-08-2016, 04:46   #6
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Norton SafeSite shows the Website and main links as GREEN and rates them as all SAFE on all four counts. Also I don't see that page. Could it be a local mirror or something?

https://safeweb.norton.com/report/sh...source=toolbar

It is true that the website is not encrypted, but that would slow things down a little and for a public website that is not transmitting private information is that needed??

I do think that it should be an https encrypted connection when logging in and editing, etc.
and it is not secure and using https for that!
rgleason is offline   Reply With Quote
Old 28-08-2016, 04:59   #7
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

We need better tools for Users that have logged in, when they signed up, what activities from each user's page, etc.

Also someone should be validating these people and the free login should be shut down now!

Look at this user boylamion two days ago.

We are going to have to sanitize the existing user database, by testing responses and checking activities on the opencpn.org website.
Track
News Story
Atlanta Falcons v-sMiami Dolphins Liv-e S-tream -NFL 2016 newboylamion02 days 14 hours ago

Should this person be deleted? How?
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:00   #8
Registered User

Join Date: Jul 2010
Location: Hannover - Germany
Boat: Amel Sharki
Posts: 2,541
Re: OpenCPN Homepage hacked

Come on rgleason,
you are years behind today's technology.
Check with: https://observatory.mozilla.org/
A result of "F" is the worst.

Gerhard
CarCode is offline   Reply With Quote
Old 28-08-2016, 05:14   #9
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Who is ? (many of these are members for 1-4 days)
zaazlooz2 4 days
sprtevil033 4 days
kuachella
zaazlooz2
sprtevil033
surjo12
hasan2
streaming
bdbhxhhg
khanzony8
temmuz002
Necrofear
gftgfrhghgfhfhgf
snmamm
shanuseni
junu
wm645117
kelseywiley75
sumoundit
tomash
jakopp
usana
arif
nosto01
mecoxaxug
fullkoli101
ivnwork2

asrinku
Is this guy a legit user??

eellss
asrinku126
pungtapola
aponmanik
viliamjakubicka
wkshjbqh

I did find a few I recognized taifan

Going through the User List, it appears there are a lot of users that should be challenged or deleted. This is getting very serious.
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:15   #10
Registered User

Join Date: Feb 2010
Location: Tierra del Fuego
Boat: Phantom 19
Posts: 6,211
Re: OpenCPN Homepage hacked

The site is not hacked. There is just someone posting automatic spam into the news section of it for the past few weeks, which is allowed by design and technically we were just lucky nobody did it before. The captcha the website uses should certainly be hardened to stop it. There is nothing to worry about for the downloads, which are also hosted on a completely separate CDN.
An F rating in the scan posted seems quite common, and irrelevant to what's happening.

Yes, opencpn.org needs some more care, yes, it is generally nice to use encryption everywhere, no this is not the end of the world.

Pavel
nohal is offline   Reply With Quote
Old 28-08-2016, 05:19   #11
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Thanks Gerhard,
https://observatory.mozilla.org/anal...st=opencpn.org

This is using https so it would fail for sure, but I do agree with you.
The problem right now is that we need to shut down free/open registration of users NOW!
Then sanitize the User database and come up with a good managed plan to accept registration so that we know who can edit! I really don't know what should be done, beyond that.
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:24   #12
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Pavel, that's good to hear, but look at the Registered users!! Many recent <8 weeks are surely spammers or bots or something. How do we clear those without deleting someone?
I think open registration should be shut down and have it managed until there is a better captcha and identification form which requires a legitimate forum pseudonym also (maybe this requirement for registration on Cruiser Forum would help?).
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:25   #13
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Quote:
asrinku
Is this guy a legit user??
Yes he is. He PM'd me.
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:31   #14
Registered User
 

Join Date: Mar 2012
Location: Boston, MA
Boat: 1981 Bristol 32 Sloop
Posts: 17,633
Images: 2
Re: OpenCPN Homepage hacked

Login and check this one out, just for the fun of it.
http://opencpn.org/ocpn/user/13518/track

This type of thing is what is slowing the website and causing crashes I think.
rgleason is offline   Reply With Quote
Old 28-08-2016, 05:33   #15
Registered User

Join Date: Dec 2005
Location: Helsingborg
Boat: Dufour 35
Posts: 3,891
Re: OpenCPN Homepage hacked

Quote:
Originally Posted by rgleason View Post
...
How do we clear those without deleting someone?.
......
The activity of each user is documented. If they have contributed to an illegitimate post -> delete them. This would probably cover the vast majority, if not everyone.

/Thomas
cagney is offline   Reply With Quote
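
An added example, not part of the thread and not OpenCPN site code: a sketch of the triage Thomas describes, where accounts that authored a spam post are marked for removal, recent accounts with no activity are only challenged, and everyone else is kept. All account names, posts, the 8-week window and the keyword list are constructed assumptions; titles are de-hyphenated before matching because spam titles like the one quoted earlier split words with stray hyphens.

```python
import re
from datetime import date

# Constructed sample data; not taken from the real opencpn.org user database.
TODAY = date(2016, 8, 28)
ACCOUNTS = {
    "user_a": date(2012, 3, 1),    # long-standing member
    "user_b": date(2016, 8, 26),   # new, posted streaming spam
    "user_c": date(2016, 8, 25),   # new, no activity at all
    "user_d": date(2016, 8, 24),   # new, but posted on-topic content
}
POSTS = [  # (author, content type, title)
    ("user_a", "News Story", "OpenCPN beta chart plugin notes"),
    ("user_b", "News Story", "Team A v-s Team B Liv-e S-tream -NFL 2016"),
    ("user_d", "News Story", "GRIB plugin question about wind barbs"),
]

# Assumed heuristics: hyphens inside words are evasion, so drop them first.
INNER_HYPHEN = re.compile(r"(?<=\w)-(?=\w)")
BAIT = re.compile(r"\b(live\s*stream|watch\s+online|free\s+tv)\b", re.I)


def is_spam_title(title):
    """Return True if the normalized title contains streaming-bait wording."""
    normalized = INNER_HYPHEN.sub("", title)
    return bool(BAIT.search(normalized))


def triage(accounts, posts, today, new_days=56):
    """Classify each account as 'remove', 'challenge' or 'keep'.

    remove    -> authored at least one post flagged as spam
    challenge -> joined within new_days and has no documented activity
    keep      -> everything else (nothing is deleted on age alone)
    """
    spam_authors = {author for author, _, title in posts if is_spam_title(title)}
    active = {author for author, _, _ in posts}
    decisions = {}
    for name, joined in accounts.items():
        age_days = (today - joined).days
        if name in spam_authors:
            decisions[name] = "remove"
        elif age_days <= new_days and name not in active:
            decisions[name] = "challenge"
        else:
            decisions[name] = "keep"
    return decisions


if __name__ == "__main__":
    for name, decision in sorted(triage(ACCOUNTS, POSTS, TODAY).items()):
        print(f"{name}: {decision}")
```
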