Quote:
Originally Posted by Aisling
i'm bad at explaining these things, but i'll give it a shot.
christine's board and the ledge are both built on php, which is a scripting language. hackers target scripts because they are comprised of so many parts, so the more parts, the more chances there are of finding a weakness that they can exploit.
vbulletin (which the ledge uses) and phpBB (which christine's forum used), are always on the lookout for problems in their code; it's a never ending process. you fix something, someone finds a new way to hack in. you fix that, they find a way to hack through your fix. repeat ad nauseum. so companies are constantly issuing newer versions of their product, or offering security patches, updates, trying to keep one step ahead of idiots like our turkish friends.
in a way, it's kind of like anti virus software: in order to stay alive, it has to keep updating itself.
because there was no one updating christine's site, the exploit the hackers used to get in was never covered by a security patch.
hope that was sort of helpful.
|
Yes, that does help to explain it. It kind of sounds like the Windows Updates that you have to download & install every month.
I wish you had been in charge of that website. Then those hackers wouldn't have been able to ruin that message board.
