NuSphere Forums Forum Index
NuSphere Forums
Reply to topic


Joined: 29 Apr 2014
Posts: 14
Reply with quote
It was an attack on nusphere website:

Thank you very much for contacting support.
I'm terribly sorry for this incident.
It was initiated by an external attack on our website.
It did not let intruders in, and no personal info leaked,
but it unfortunately locked a few hundred licenses.
We worked very hard today and implemented a good fix, and
we do not anticipate any problems in the future.
As for unlocking your product, please download
the "unlocker" program below and run it:
---------------
COMMENT from NUSPHERE CARE TEAM - the link was deleted intentionally from the forum post, please do NOT post link
View user's profileFind all posts by CrazyPHPSend private message


Joined: 02 Dec 2015
Posts: 5
Reply with quote
Thanks!
it's fixed the problem.

We are still with your company Smile

and waiting for MAC version Smile
View user's profileFind all posts by vadim_cjSend private messageAIM Address


Joined: 02 Dec 2015
Posts: 1
Reply with quote
thanks for the fix!
View user's profileFind all posts by tobyskiSend private message
What the F@ck ? 4


Joined: 02 Dec 2015
Posts: 9
Reply with quote
Too late for the fix, a whole day of lost work.
I will be switching to another IDE ASAP!

How this situation was handled it is VERY lame at least .....
View user's profileFind all posts by dn4gyelekSend private message


Joined: 02 Dec 2015
Posts: 3
Reply with quote
Very happy it's fixed now... Very Happy

thanks to Jay Park, NuSphere Support
View user's profileFind all posts by MrErSend private message


Joined: 07 Nov 2007
Posts: 44
Reply with quote
Many thanks to everybody for understanding.
Please note that we deleted the link to the unlocker program from the forum post of our email above, please do NOT post the link to unlocker, please contact us directly if you didn't get an email with the link or if you need more help. It's for your own security and protection.
Best regards,
Nusphere Customer Care Team
View user's profileFind all posts by gitmansSend private message
Re: What the F@ck ? 4
Site Admin

Joined: 13 Jul 2003
Posts: 7901
Reply with quote
First of all, guy, I'm sorry for the problems too.

dn4gyelek wrote:
I will be switching to another IDE ASAP!


seems that's exactly what attackers wanted you to do.

_________________
The PHP IDE team
View user's profileFind all posts by dmitriSend private messageVisit poster's website
Re: What the F@ck ? 4


Joined: 02 Dec 2015
Posts: 9
Reply with quote
dmitri wrote:
First of all, guy, I'm sorry for the problems too.

dn4gyelek wrote:
I will be switching to another IDE ASAP!


seems that's exactly what attackers wanted you to do.


... last time when I reported an error it took 9 days to get an answer, got fixed in another 5+ days, so figure.
Now I got the acknowledge e-mail after I've completed the form after 5+ hours, got a solution after a whole day.

It isn't about the other guys/attackers, it is because of your lagging response.
View user's profileFind all posts by dn4gyelekSend private message
2nd.


Joined: 02 Dec 2015
Posts: 9
Reply with quote
No compensations were offered about the lost time/work, just "sincerely apologize for this issue" ...
View user's profileFind all posts by dn4gyelekSend private message
Will it happen again?


Joined: 02 Dec 2015
Posts: 5
Location: New Hampshire, USA
Reply with quote
I think an explanation is in order. What assurance do we have that this will not happen again? Did NuSphere make any changes to prevent this type of issue moving forward?

The official support email (after the fact) said you "locked [out] a few hundred licenses" WTF. Your tools are what we use to get our jobs done, if your tools are dead so are we. In the end if I can't count on PHP ED working, I'm putting myself at risk using it.

It is also disturbing to me that there was no official recognition of the issue for 8 hours after the first tweet or post on this forum. That is just not acceptable. You email us when you have a new version to sell, or upgrade. But you don't inform us in any way when you lock out (or choose not to let in. semantics) hundreds of licensed users? No status update in my NuSphere account. No info on the website, Facebook, or Twitter. No comment in the forum? This behavior is just not something a company who appreciates their user base does.

Without some level of assurance that this won't happen again and a vow to better communicate with licensed users, it would be pretty stupid of us to stay with NuSphere.
View user's profileFind all posts by KimballSend private message


Joined: 02 Dec 2015
Posts: 2
Reply with quote
I've tried to ignore the vitriol here, but I think maybe a taste of rational discourse is in order.

If you've ever experienced a server breach or server failure, you should know that your first priority is assessing the damage, and then repairing the damage. It's an 'all hands on deck' scenario. While we all would have appreciated better communication from Nusphere, I certainly would not trade that user hand-holding for increased down time.

I've used PhpED since 2003, so say conservatively 20,000 hours of coding and this is the first failure of this type. I've had issues where PhpED didn't behave as expected, or I just didn't understand how to accomplish a task, but never a complete failure. In my book 8 hours out of 20k is not a bad track record. What's that? 99.96% uptime? Not bad in my book.

And all of the talk about being unable to work... am I the only one that knows how to use or find another editor in a pinch? I downloaded Bluefish (free) and kept working. Granted it was not as elegant or sophisticated as PhpED, but I didn't sit twiddling my thumbs waiting for resolution or whining about restitution for lost time (reality check in order on that one).

Given the quality of the product, I have every confidence that Nusphere is evaluating and making changes to insure that this type of problem does not arise again. End rant.
View user's profileFind all posts by tiolocoSend private message
Please keep a balanced view


Joined: 04 May 2014
Posts: 1
Reply with quote
Yes, we make money by the hour. Yes we want instant response. No they can't compensate you, nor should they. The hackers should! (and should be in jail). But now we're talking fantasy land people.

If there was a precedent to compensate in these cases, I'd say most of us would be out of business. There is a ton of work out there for good programmers. If you're so riding the budget rails you can't take an attack on the chin for a loss of less than one day's wages, you need to find different work.

Clients reading this: DO NOT HIRE ANYONE THAT CLAIMS THEY HAVEN'T HAD TO DANCE HARD IN THE FACE OF CRISIS!

All in all, this was not bad turn around. I'm sticking with this good IDE with the fastest line step debugging I've found so far (among the top IDE's I tried).

The fixer program seemed to be doing lots of stuff. Does it simply shunt the license check? That would explain why they don't folks posting a link to the program! I would like some information from NuSphere about how confident they are that there are no back doors in their program. I fear my machine is now a zombie.
View user's profileFind all posts by phped_nowisitSend private message
PHPED Blocked this morning....
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
All times are GMT - 5 Hours  
Page 5 of 6  

  
  
 Reply to topic