• Log in with Facebook Log in with Twitter Log In with Google      Sign In    
  • Create Account
  LongeCity
              Advocacy & Research for Unlimited Lifespans

Photo

UPDATE! website downtime


  • Please log in to reply
13 replies to this topic

#1 caliban

  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 27 January 2011 - 01:47 PM


click here for another update- Feb. 4th


Click here for an important update on the downtime, Feb.1st 2011


From the newsletter:

Website under construction?

In the next few days and potentially weeks we will update the website again -- to complete the switch to longecity.org, to present a new frontpage and more non-forum pages, to update and refresh the forums and to implement new features and tools. This may lead to some periods where the website is not accessible. Please be patient, and wish us luck that we mange the changes with a minimum of inconvenience for everyone involved.

check out http://twitter.com/imminst for updates if the site is down.


Downtimes are likely to happen later today and at the weekend.

Edited by caliban, 04 February 2011 - 11:44 PM.


#2 rwac

  • Member
  • 4,764 posts
  • 60
  • Location:Dimension X

Posted 28 January 2011 - 12:33 AM

The forum got a couple of minor upgrades today. Please let us know if anything broke.
  • like x 1

#3 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 28 January 2011 - 09:23 PM

Some more major upgrades, please report any issues here: http://www.imminst.o...9-forum-issues/

#4 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 01 February 2011 - 03:30 AM

I am very sorry to report that on top of the ongoing 'building work' we were affected by a malware attack today.
We suspect the attack was implemented via our 'chat/shoutbox' which is why this feature has now been taken down.
While the attack was in place, users were being exposed to an external site known to distribute malware.

The attack was spotted pretty much straight away by users and the search engine 'bots' that index the public sections of the site. We were able to react promptly and take the site down. It took some time to isolate the problem, to establish backups and to implement a solution.

Who was affected?
I suspect there was a 40 minutes window on Monday Feb 1st around 17:30-18:20 GMT (11:30-12:20 EST) where users were exposed to the attack. There is no confirmation that any actual malware was distributed to anybody, but if you visited the site during that period, please make sure you check your computer for infections.

Google warning
Our site is now 'flagged' as insecure in google. Many browsers will explain a 'health warning'. We have requested a re-assessment, that should tell us more. The site needs to be open during this period. Until we have heard from google, their warning will stay in place.
We believe it is now again safe to surf LongeCity, but if you want to be reassured you could wait until google has re-indexed the site.

Safe?
In almost 10years of running a very open-access web platform, LongeCity has been victim to spam, denial of service and other attacks, but avoided being used as a distributors of malicious software. We are committed to re-establishing that track record, and decisions will need to be made about trade offs between efficacy, usability, richness of features and safety. The internet is not a 'safe place' - but we will at least make sure that if LongeCity and the Immortality Institute is known for being dangerous, its is only because of the open exchange of 'dangerous ideas' challenging received opinions.

Edited by caliban, 01 February 2011 - 03:47 AM.

  • like x 2

#5 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 01 February 2011 - 06:33 PM

Update: google finds that our page is 'clean' now, but we saw some strange behavior today that preceded the attack yesterday.

To eliminate angles, we have taken out the 'friendly url' format at the moment. Regrettably that means links to imminst forum posts may now be broken. We'll see if we can fix that in the future.

I also can't fully promise that we have closed the door to further attacks. We have implemented new security measures and closed vulnerabilities, but if the attacker is determined, there may be other attempts.
We should know more in a few days, sorry for the inconvenience.

#6 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 01 February 2011 - 10:15 PM

To eliminate angles, we have taken out the 'friendly url' format at the moment. Regrettably that means links to imminst forum posts may now be broken. We'll see if we can fix that in the future.


This may be fixed now. Fingers crossed.

#7 Rational Madman

  • Guest
  • 1,295 posts
  • 489
  • Location:District of Columbia

Posted 02 February 2011 - 04:37 AM

I am very sorry to report that on top of the ongoing 'building work' we were affected by a malware attack today.
We suspect the attack was implemented via our 'chat/shoutbox' which is why this feature has now been taken down.
While the attack was in place, users were being exposed to an external site known to distribute malware.

The attack was spotted pretty much straight away by users and the search engine 'bots' that index the public sections of the site. We were able to react promptly and take the site down. It took some time to isolate the problem, to establish backups and to implement a solution.

Who was affected?
I suspect there was a 40 minutes window on Monday Feb 1st around 17:30-18:20 GMT (11:30-12:20 EST) where users were exposed to the attack. There is no confirmation that any actual malware was distributed to anybody, but if you visited the site during that period, please make sure you check your computer for infections.

Google warning
Our site is now 'flagged' as insecure in google. Many browsers will explain a 'health warning'. We have requested a re-assessment, that should tell us more. The site needs to be open during this period. Until we have heard from google, their warning will stay in place.
We believe it is now again safe to surf LongeCity, but if you want to be reassured you could wait until google has re-indexed the site.

Safe?
In almost 10years of running a very open-access web platform, LongeCity has been victim to spam, denial of service and other attacks, but avoided being used as a distributors of malicious software. We are committed to re-establishing that track record, and decisions will need to be made about trade offs between efficacy, usability, richness of features and safety. The internet is not a 'safe place' - but we will at least make sure that if LongeCity and the Immortality Institute is known for being dangerous, its is only because of the open exchange of 'dangerous ideas' challenging received opinions.


Are there any suspects, or as I presume, did the sender conceal their identity well?

#8 niner

  • Guest
  • 16,276 posts
  • 2,000
  • Location:Philadelphia

Posted 02 February 2011 - 05:02 AM

Are there any suspects, or as I presume, did the sender conceal their identity well?

While correlation != causation, I'd be very suspicious of some connection to the recent spamwave.

#9 Thorsten

  • Guest
  • 538 posts
  • 58

Posted 02 February 2011 - 12:53 PM

This site is still dodgy... My Norton AV software is going mad popping up 'a recent attack has been blocked by your computer' every time I go to the home page... Yesterday it wouldn't let me on at all, saying ImmInst was a highly suspicious site and that it had horrible things lurking there. Just reporting what I am experiencing from my PC.

#10 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 04 February 2011 - 11:42 PM

Our hopes from the beginning of this week where too optimistic. On Monday, the problem was back, if only in part. We are not sure if there was a trace of malware lingering, or if it was a new attack, and we weren't quite sure why the protection measures we had taken with the help of our good friends at Canaca (warm thanks to Bashir Rategh for his wonderful help and advice!).
I really didn't want to take any further risks, so we went for a full lock-down again.

As the problem lingered, it occurred to us that since the site is down anyway (and google hates us now), we might as well take the plunge and switch domains. This had been planned for January, but we postponed it because we were unsure about disrupting things- well things couldn't get much more disrupted than the whole forums being down for days.

This was the longest downtime we have had for a long while and we are really sorry that you were kept from plotting deaths demise for so long. Hopefully, there is something positive from this downtime. Let me count the ways:
- we upgraded security protocols and software, making the site more secure
- we learned what good friends we have at Canaca (thanks Anthony! Thanks Bashir!)
- the newly constituted Engineers team really came together. Rwac especially was patient and tireless in holding my hand throughout.
- we learned new things about how our software operates and how to break it (Singularity beware)
- we made the plunge to the new domain and thus the final step in the venture towards new and bigger horizons

So now, you'll see a fancy new domain name in your browser. You may find that some settings are no longer remembered - such as which threads you visited. Hopefully, the important redirects are working and hopefully this will also ward off the attack scrip whatever it was. However, we are not sure about that bit - so please, over the next few days, use the forums with a bit of caution and only if you have antivirus software switched on.
Please be patient while we monitor this switch and please let us know if something is strange or broken.
  • like x 1

#11 Rational Madman

  • Guest
  • 1,295 posts
  • 489
  • Location:District of Columbia

Posted 05 February 2011 - 04:46 AM

My hat goes off to you guys, way to go!

#12 Rational Madman

  • Guest
  • 1,295 posts
  • 489
  • Location:District of Columbia

Posted 06 February 2011 - 09:11 PM

I think we should make an announcement that the Imminst.org pathway doesn't work, because some--like myself---may continue to use this route as a matter of habit.

#13 caliban

  • Topic Starter
  • Admin, Advisor, Director
  • 8,953 posts
  • 1,807
  • Location:UK

Posted 06 February 2011 - 09:23 PM

I think we should make an announcement that the Imminst.org pathway doesn't work, because some--like myself---may continue to use this route as a matter of habit.


It will work off and on over the next few days. It will only break if we need to look at the old site for some reason.

I'm getting cold feet about the move myself. The malware is gone so thats good, but some other things are still broken. Rwac suggests that we try to stick it out at longecity, I'm not so sure. :unsure:

If we move back we will transfer all the posts across, so you don't need to worry about that.

However, I would suggest:

DON'T UPDATE YOUR BOOKMARKS YET!

#14 Marios Kyriazis

  • Guest
  • 466 posts
  • 255
  • Location:London UK

Posted 07 February 2011 - 10:14 AM

Some other 'Immortality/Antiaging' discussion forums were down in the past few days too. I wonder if it is just a coincidence, or a deliberate attempt by someone. If it is, let's hope it is just a crackpot and not something more sinister....




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users