Postmortem Security Breach on October 23rd, 2025

Oh, that explains the downtime then. I always like reading about these attacks and the defenses put in place against them, preemptively and not. It's fascinating stuff. I just finished making another offline backup of some important data yesterday, and times like these are always a good notice to do a digital perimeter check. Maybe I should start a thread on security autism for a website like this, or see if one already exists, since this kind of topic would be fun to discuss.

I've read somewhere that user login data, such as IP addresses and the like, are regularly purged after a month or so. I've also read that images have their EXIF data scrubbed on a similar timeframe. Is that true @Null, or have I been misled?
 
> /.git/ left out in the open

Time to audit .gitignore and make fun of the common misses.
 
Have you considered contracting some skilled-Indian tech engineers to help you secure the forum, Jersh?
 
I appreciate all of you trawling the file for funny. Please continue.
 
Is that just a random file someone uploaded to the file server or is this stuffed somewhere in the site's code only someone with access to the code could put there?

/cow/ would wordfilter kiwi to foxdick for reasons I forgot but it would break links. I bought the domain to act as a redirect and if you visited the forum from that domain it would use that logo.

I used to be funnier
 
> /cow/ would wordfilter kiwi to foxdick for reasons I forgot but it would break links. I bought the domain to act as a redirect and if you visited the forum from that domain it would use that logo.
>
> I used to be funnier

Who drew the foxdick?
 
Considering what the site has been through in the past when it comes to security, this is a pretty inconsequential breach all things considered. Though with the source code out there for anyone to read, one has to wonder how many vulnerabilities are in the codebase that just aren't known about yet. The transparency is appreciated nonetheless.
 
I always appreciate your transparency about site updates (good and bad), Jersh. Not something you see elsewhere.
 
I doubt anybody will use the source code to try and start their own farms, but that source code will definitely find its way into the hands of the trannies that constantly DDoS the site. Could be used to find site and software vulnerabilities. Hope there are precautions going into place to deal with that when the time comes.
 