theNook forum is currently BACK ONLINE :)

[apothecary]

Oh yeah. If you did notice funkiness, then you are most likely infected with something! Install the latest version of AVG antivirus and do a scan. Do not trust most antispyware/antivirus vendors.

As for recommended software, if you have to use windows, then you need at least

Spybot S&D, AVG, something firewallish like ZoneAlarm, MS Internet Security.

[bit]

Oh yeah. If you did notice funkiness, then you are most likely infected with something! Install the latest version of AVG antivirus and do a scan. Do not trust most antispyware/antivirus vendors.

As for recommended software, if you have to use windows, then you need at least

Spybot S&D, AVG, something firewallish like ZoneAlarm, MS Internet Security.

I agree with all said above, with the addition of using either Firefox or Opera as your browser. Although Firefox has become a bit too popular for it's own good and it's security holes are starting to be exploited just like IE.

Also, Microsoft Antisyware (now Windows Defender) is a good free download which is getting better and better.

http://thenook.org is back and safe with a message explaining the situation. Forums are still not back up yet, 404 error.

[zee_werp]

Where can opera be had at?

[kakti]

I just installed and ran the latest version of Kaspersky Anti Virus and found the viruses I believe came from the nook. I was running Firefox when viewing. The virus was Trojan.Java.Binny.a If anyone wants a copy of this (Kaspersky), PM me

[M S Smith]

The site says Kaspersky Anti Virus should only be installed after removing other virus software. Is this truly necessary?

~Michael~

[bit]

Where can opera be had at?

Free download: http://www.opera.com/products/desktop/ Note that the screenshots show all it's gadgety features enabled. The first thing I usually do with a new opera install is turn them all off. Opera can be a minimal or as cluttered as you like.

The site says Kaspersky Anti Virus should only be installed after removing other virus software. Is this truly necessary?

~Michael~

Yes, you should never install/run more than one anti-virus at once, they tend to interfere with each other. Having 2 installed usually ends up giving you less protection than one.

[zee_werp]

For those who are too sketched out to go there, this is what you see when you do. The middle paragraph has been added, obviously by the hacker.

[kakti]

No members in russia? Jorge has provided links to Russian hosts before, at the nook and at Ayahuasca.com, he is also pissed about his bad reputation at the nook. I am not saying it was anyone, but there is something to consider.

That terrible english and being dishonored on the forum sounds exactly like Jorje IMHO. Plus he had his russian customer that was supposedly very happy with him on aya. Whatever the case...what a bunch of immature losers, I thought hacking website and taking over IRC channels was only cool 10 years ago

[Gunter]

It does seem like Jorge, by proxy I suspect.

I could be wrong.

[Torsten]

I don't understand why so many folks think Jorge is malicious. He might be an incompetent business operator and he might even scam the odd dollar here or there (mind you, I've read many of the complaints against him and I have to say that none of them are abnormal when dealing with the average Southamerican, African or Indian peasant turned supplier), but why would he do this to the nook?

Don't forget, the nook (like most forums ) arose out of a division on another forum and there have always been some pretty nasty politics in the background. Given that sort of history I think it is unfair to point fingers with so little - I mean NO evidence.

I think more significant is what apoth told me. The nook did not bother updating their software and were still running a version with a major security flaw. In all the history of IPB I could not find any other incidence where the developers were SO concerned about the effects of this security flaw. To not upgrade was simply slack of the admin, and yes, I know how that feels, but there are times when you simply have no choice.

[Gunter]

There are always the usual suspects with anti-nook sentiments, but those people are not folks who post and could claim to have posted threads that they have been dishonored in.

why would he do this to the nook

It seems that whomever was doing it was trying to remove the nook, and they had a complaint about its content, "dishonoring" them. I can only think of one person with motives along those lines, let alone those that could be tied to economics and entheogenic trade. Not that it was, but if you think a place is costing you money through a bad review, would you try to solve that? Not too long ago Jorge came back and kept trying to make unapproved sale related posts and claimed he was all good, all of his claims and quotes were flat out lies and or taken out of context. Many of his posts were promptly deleted. It seems that he tried every alternative to correct his review, but only in the most dishonest way.

I am not saying Jorge did it, he has also established that he cannot be trusted, he has emotional and economic motives, he has the Russian connection, he uses broken English in a rather identical manner and even uses some of the same phrases that appeared in the email. Lets face it, even if it wasn't him, he benefits and can even take pleasure in the event.

As for malice, I have never met a human incapable of malice.

Edited March 29, 2006 by Archaea

[Gunter]

To you the card from the favourite person has come to see it please pass under this reference

A day or two before the email Jorge was in chat and identified himself as the "favourite person" The line above is what was in one of the bulk emails.

Consider the title of the email

To you the card has come

The grammer seems like that of a spanish speaking person who knows english as a second language, and poorly at that. Having read the board for some time I have noticed that even European members who speak english as a second language don't post like that. The only person I have seen at the nook who speaks like that is Jorge.

I am not saying it was Jorge at all, I am only saying the boot fits. The grammer, the phrases, the motive, the connection etc. It seems to fit so well, I'd assume that if it isn't Jorge, it is someone who is familiar enough with his nook issues to make it seem like it was.

Edited March 29, 2006 by Archaea

[apothecary]

Archaea you're getting a little Sherlock Holmes.

This guy was a classic script kiddie, broke in, left a backdoor he could access but nobody else could, patched all the flaws, and installed malicious code into the forum to infect more users.

Dr. Bombay seems to think this guy is going to go away after they close up holes in their system when the guy has almost assuredly put a subtle hole in there that nobody else can see so he can reaccess whenever he likes (unless Dr. Bombay is smart enough to completely remove all files on his hosting provider and start from scratch).

The database was only removed by this guy after Dr. Bombay got in contact with him (or he got in contact with Dr. Bombay) and the good Dr was silly enough to antagonise the guy holding all the keys.

Personally I think it was outright dumb to call the kid immature and then be angry when the kid acted immaturely in response! What did he expect?

Anyway the point is, it only sounds like this "Jorge" character did it, if you are willing to ignore some of the facts. I am sure this script kiddie would've happily left the forums up to infect more computers (botnets are highly valuable these days) until he got told off on the front page of the website he just hacked.

Maybe "favourite person" is just a common Russian turn of phrase? I'll try and find out. Did it occur to you that poor English grammar similar to that in the banner could be attributed to just about anyone speaking an Indo-European language as their first?

Whatever. I have some actual useful information for Dr Bombay, can someone please put me in contact with him.

[Gunter]

I see nothing that indicates it wasn't Jorge in your post, just the possibility it wasn't. It could easily be a done by proxy, (human proxy not internet proxy)

What about the significance of the claim that the person had been dishonored at the nook and had posted about it?

Maybe "favourite person" is just a common Russian turn of phrase? I'll try and find out. Did it occur to you that poor English grammar similar to that in the banner could be attributed to just about anyone speaking an Indo-European language as their first?

Why not ask Nook members if they recall people with issues of dishonor at the nook who used that sort of grammer?

Anyway the point is, it only sounds like this "Jorge" character did it, if you are willing to ignore some of the facts.

What are these facts that indicate he didn't?

Jorge had a major argument with some nook member(s) in chat the day before the attack.

I suppose that it could all be a coincidence, but then it is one hell of a coincidence.

[Torsten]

If that's all it takes to get Jorge to take down a site then I guess ayahuasca.com better watch out

I deal with a few south americans and russians on forums and in business and my first impression of the grammar was that of eastern european rather than spanish. I must say the 'favourite person' comment is rather convincing though. Although, anyone could have copied that so that the finger doesn't get pointed at them. What better way to cover yourself than to have the blame piled onto an unpopular member like jorge.

btw, I know plenty of people who have dealt satisfactorily with jorge. If you don't have special requirements and keep things simple then he seems to be quite reliable. That's why I've never traded with him though as my needs are rarely simple

[apothecary]

I was just about to post what Torsten said, how come he didn't try and take out ayahuasca.com considering his reputation there was far more damaged than what I read on the nook....

[Torsten]

I was just about to post what Torsten said, how come he didn't try and take out ayahuasca.com considering his reputation there was far more damaged than what I read on the nook....

actualy, I think might know the answer to this and it comes back down to opportunity. The old version of IPB had a much more serious security problem than phpBB ever did.

Aya.com runs phpBB. Also, it's hosted on yage.net and Andy (who runs yage) knows a thing or two about internet security.

[Gunter]

I know people who were screwed, lied to and ripped off by Jorge for X, and after sending extra money ended up getting Y, but this is a side issue.

As for Aya forums, I don't think that Jorge viewed them as damaging as the nook, he was at the nook making posts that concerned his commerce, trying to tell people that he was good now, but he only used lies and those posts tended to be deleted. The aya forum is very slow as far as posts go, while the nook was active and would be if it were around. However let me again say, it may not be him. It only seems like it has something to do with him. It seems like it could be him, but may not be.

I'd like to know more about it and who it could have been, the nook is an open forum which means I am not the only asshole who can post, so I wonder who had issues strong enough, to begin and sustain an attack? Its been a few days and I have the feeling the person isn't relenting.

[Torsten]

looks like there was an even more recent security issue with IPB. known since the 8th of march and apparently capable to gain admin access. Yours truly just spent the last hour upgrading

[strangebrew]

Would it be even be possible for someone of Jorge's background to become a hacker genius?

He didn't even seem capable of dealing with his orders.

[gusto]

Perhaps intelligence enhancement is also one of the attributes of his fine products.

[strangebrew]

Yay!

Looks like the Nook is back anyway.