The Burning Question

Discussion in 'XenForo Discussions' started by AWS, May 13, 2012.

  1. GTB

    GTB Regular Member

    What ever you do, don't head over to XenForo today winding them up! :unhunh:
    2 people like this.
  2. iTuN3R

    iTuN3R Regular Member

    [quote="Kier]FWIW, the XSS flaw was in the third party SWFUpload Flash file, rather than any code written in-house.[/quote]

    He replied you mark !
  3. GTB

    GTB Regular Member

    Good point actually, Mark has been caught out with that one.
  4. Mark.B

    Mark.B Guest

    What difference does that make? A security flaw is a security flaw, unless someone doesn't mind being hacked when it's third party code.

    My point is, both vB and XF have a good record for fixing these issues and it's childish for some people to say vB has a problem when it doesn't.
  5. Mark.B

    Mark.B Guest

    I didn't post to wind them up. We have been saying for ages that 1.2 wasn't imminent and we have been abused and insulted by a small minority of people. I feel those people should now apologise and admit we were correct.
  6. GTB

    GTB Regular Member

    I think the point was, the FLAW wasn't introduced by bad coding on part of the devs at XF, like it was on vBulletin. It's a 3rd party product they didn't code.
  7. Mark.B

    Mark.B Guest

    That's not what they were saying. They simply mocked vBulletin for having a security issue.
  8. iTuN3R

    iTuN3R Regular Member

    So you are saying it's not fault of Vbulletin of having bad coding on their side ? ah common fanboi
  9. GTB

    GTB Regular Member

    Come on Mark, play the white man. Admit when you got it wrong, otherwise you look no better than the XF fan-boys.

    Kier himself cleared the mistake you made.

    View attachment 2208

    Attached Files:

  10. Mark.B

    Mark.B Guest

    I didn't make a mistake. I wasn't commenting on in house code or otherwise.

    I'm pointing out that all software ends up with security flaws. Anyone who thinks that's bad doesn't understand software.

    What's important is how quickly and efficiently it is patched.

    Both vBulletin and XenForo do extremely well in this regard, and I have always said so.

    (I cannot comment on Invision as I am not a customer of theirs).

    Once again my point isn't to knock XenForo it's to knock people who blindly do the "vB bad/XF good" thing without thinking it through.

    EVEN IF THE XF FLAW HAD BEEN IN NATIVE CODE that still wouldn't suddenly make them bad coders.

    People get far too emotional over the whole "security patch" thing. The only concern should be - is my software provider alert and responsive when issues crop up, no matter what the source. If they are - then that is a GOOD thing, not a BAD thing.

    As ever of course people will turn this into "Mark is bashing XenForo" when the exact opposite is true. :rolleyes:
  11. GTB

    GTB Regular Member

    Oh dear, Floren spoke too soon! XenForo 1.2 delays.

    And what's with that BamaStangGuy (I look like a werewolf in my avatar). He seem to have an awful lot of negative comments to make to other people.
  12. Mark.B

    Mark.B Guest

    Didn't BamaStangGuy get banned from vBulletin for much the same thing years ago?

    Anyway, much as I like and respect Floren, I think that was a step too far.

    As customers there is no pressing need for us to know detailed reasons for delays - only that there are delays.

    It is admittedly nice if companies can tell you, but there can be a multitude of reasons why they can't or won't.

    Today's statements from the developers are good enough for me going forwards. I still think the silent period was completely out of order - especially as it has now apparently passed without explanation or apology - but as long as there is now some interaction between the team and their customers going forwards, it is probably best left in the past.
  13. GTB

    GTB Regular Member

    I remember he was a troublesome person back then to deal with, not sure if he got banned. But I had a few run-ins with him at vB.
  14. Mark.B

    Mark.B Guest

    Don't mind people speaking their minds forcefully - obviously, as I do it all the me - but he is just rude and insulting a lot of the time.
  15. GTB

    GTB Regular Member

    Not sure I agree with you there, moving forward in what kind of sense? I'm looking at it like this, after seeing what's happened today on XenForo.

    They have not given an estimated future date for 1.2, that must mean very little has been done with then. Otherwise they could easy say July or August to my mind. Offering a 1.1.3 Maintenance release doesn't do anything for me, and it's not what I was waiting for and doesn't even come with the needed extra features like StopForumSpam. 3 months have past with them saying nothing, we all presumed that "maybe" they was working hard on getting 1.1.2 ready, but it's not the case and only we see 1.1.3 with some bug fixes and no extra features. It's a long time to wait and all the silence with it - just for a "Maintenance" release.

    I'm really not convinced they have got very far in developing XF 1.2, and don't think people will see it released for a long time to come either. Still feel they might have put it on hold pending the outcome of the court case, and this "1.1.3 Maintenance release" today could just be a ploy to try a please people for the time being after seeing things taking a turn for the worse this past week on XenForo and the end of June coming fast (panic set it), along with them showing some activity on the forums now to try and boost things. Na, I think people are being too easily fooled myself!
  16. Mark.B

    Mark.B Guest

    You could be right, but we demanded updates and communication, and now there has been some.

    They may once again go silent now, we shall see.
  17. GTB

    GTB Regular Member

    They don't have any need to go silent and missing again now, they've not given a 1.2 release date for people to pester them about (they have an open date scheduled) now to play on. This has been a last minute thing to me, they started fixing more bugs last week telling me panic stations set in and they probably only started actually working on 1.1.3 about 1-2 weeks ago.

    Like I say, I'm not convinced at all by today.

    I was expecting 1.2, not a 1.1.3 Maintenance release after 3 months of waiting and putting up with all that silence from them. Maybe it's good enough for you to accept that, it's most certainly isn't for me.
  18. Mark.B

    Mark.B Guest

    It's not so much that it's good enough, on reflection, but what it does is it answers what people like me were asking - updates and communication.

    Starts to look unreasonable if you then respond with "yes but that's not what I wanted to hear".

    As when Kier posted his update a month or so back, I'll watch what happens for a short while now.
  19. GTB

    GTB Regular Member

    You're too easily fooled if you ask me, you buy into things way too easy on face value, instead of looking more in-depth at the bigger picture. I'm not so easily taken-in by KAM, not like you are. I suspect neither is AWS.

    If they've been slaving away on 1.2, surely it must be arriving at least in July or August at the latest. So why can't they say it's 2 months away, if it comes sooner than that, it's a bonus for them? I know why they've given no date, because you'll not see it this side of Jan 2013. You've just had the wool pulled over your eyes.
  20. Mark.B

    Mark.B Guest

    I'm not here to bash them or troll them. If it all goes quiet again I'll be the first to speak up. And I certainly haven't been fooled by anything.

    They have still achieved a massive, massive amount in a short time, and I still wish them every success. I truly hope this has just been a blip, but if not I will be around.

Share This Page