We have serious complaints about roundcubeforum.net. Please read the message below. I know that Devs are not responsible for the forum in any way, but we all should care about the reputation of the Roundcube Project.
Dear Dev Team,
It is with the hope that something is done in the future to correct what I'll be sharing here today. I do not pretend to criticize something that I'm not familiar with and I just want to share my honest opinion regarding the Forums hosted at roundcubeforums.net for Roundcube Project.
In one word, the forum is deterring for the Roundcube Project. While many of you spend countless hours working hard and coding what I believe is the best ajax front-end webmail for the masses out there, there are people not concerned about it and in fact profiting at any cost from your work by hosting a site that it is constantly redirecting users to porn sites, advertisement and anything that could bring a profit to god knows who's pockets. Not only I have experienced this myself but I have also received comments from co-workers and friends who I have enticed them to give Roundcube a try. They have opted for not registering an account due to the great concern that these inconsistencies bring to their peace of mind. Specially, because they consider that open source projects tend to be very careful and strict with the distribution and support of their data. Some have actually asked me if there is the possibility that the Roundcube installation could be either infected or coded to behave similar to their end-users.
I'm certainly sure that your work is done with the main propose of delivering a quality product and I can only imagine how much energy you have put into this project over the years. I have no words to thank you enough for your great job and dedication. Please, consider to either get things straight up with the host or the person in charge of your Forum or move it elsewhere to a place in which profits is not the main and sole propose of hosting such site.
Since every suggestion in the open source community should be made with a possible solution, I'm open to offer free hosting myself. I have 120GB of space on a shared server with 250GB of monthly bandwidth that I'll put at your disposition. We can have up to 500 subdomains, 50 ftp accounts, 1200 e-mail accounts plus few other things. Alternatively, I can offer my own personal server to host it but I'm concerned about the performance of the board as I have never put any heavy load on my own server before. I can install, manage and run IPB boards myself. I can also make it simpler for others of you to be part of the board administration so you can change things around yourself as needed and I might not have plenty of time to fully dedicate myself to the 24/7 administration position of the board so having a Team working together is obviously the best option.
In the mean time, for consideration, I will invite you to visit http://unlockforus.com/forums/ (not active community there at the moment)
I'm just offering what I have and it doesn't have to be taken into account.
http://roundcubeforum.net has been either compromised and there are exploits running in the site or there are things set up to profit at any cost, even if it jeopardizes the reputation of the project. Not welcome in my opinion.
Wish you luck and I look forward to hear from you to at least know that my e-mail was once read and discarded or taken into account. Keep up the outstanding work.
-- Yoni
Hey all, I dont ever recall being forwarded to porn sites. Anyone experience this before? Maybe the guy himself is infected.
Cor
Nope, never had that problem either but I also have to say I wasnt logged into the forum for a longer time. Would be good to know what exact steps it takes to reproduce it. On Mar 11, 2012 10:34 AM, "Cor Bosman" cor@xs4all.nl wrote:
Hey all, I dont ever recall being forwarded to porn sites. Anyone experience this before? Maybe the guy himself is infected.
Cor
Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
I got this the last days:
"Exploit:HTML/IframeRef.Z", "Exploit:JS/Blacole.AR", "Exploit:JS/Blacole.CW".
(IE 9)
Am 11.03.2012 10:34, schrieb Cor Bosman:
Hey all, I dont ever recall being forwarded to porn sites. Anyone experience this before? Maybe the guy himself is infected.
Cor
Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
Ugh, there definitely is a problem with roundcubeforum.net. It's been infected/hacked. You can even see this when you use FF/OSX but it probably doesnt do much then. Firebug shows that roundcubeforum.net wants to get/run the following URL:
http://directmarketing12straight.in/in.cgi?walter
Quick google shows thats a marker for an infected site. It may currently be spreading somehow through IE, dont know if it can do something to IE clients.
This is not good for the reputation of roundcube. Anyone in contact with the admin?
Cor
On Sun, Mar 11, 2012 at 22:59, Cor Bosman cor@xs4all.nl wrote:
Ugh, there definitely is a problem with roundcubeforum.net. It's been infected/hacked. You can even see this when you use FF/OSX but it probably doesnt do much then. Firebug shows that roundcubeforum.net wants to get/run the following URL:
http://directmarketing12straight.in/in.cgi?walter
Quick google shows thats a marker for an infected site. It may currently be spreading somehow through IE, dont know if it can do something to IE clients.
This is not good for the reputation of roundcube. Anyone in contact with the admin?
I forwarded the reports to the forum admin and hopefully he'll get it cleaned out. I'll certainly forward any updates to this list.
Regards, Thomas
Den 2012-03-11 10:34, Cor Bosman skrev:
Hey all, I dont ever recall being forwarded to porn sites. Anyone experience this before? Maybe the guy himself is infected.
+1
using WOT here, and using chrome (report problem), fun stops before day is gone here
disabling javascripts is killing ground :-)
Hello,
I Can confirm the Redirection problem. It occours only the first time of the site load. I had to delete all my cache and get a new IP to reproduce this problem. The redirection use: hxxp://xml.plusfind.net/click?i=ccBdHgPBdgM_1&jf=r
-> Testing System: MAC + Opera 11.60 AND Ubuntu 11.04 + Firefox 4.0.1
cheers Igor
Am 11.03.12 07:07, schrieb Rosali:
We have serious complaints about roundcubeforum.net. Please read the message below. I know that Devs are not responsible for the forum in any way, but we all should care about the reputation of the Roundcube Project.
Dear Dev Team,
It is with the hope that something is done in the future to correct what I'll be sharing here today. I do not pretend to criticize something that I'm not familiar with and I just want to share my honest opinion regarding the Forums hosted at roundcubeforums.net for Roundcube Project.
In one word, the forum is deterring for the Roundcube Project. While many of you spend countless hours working hard and coding what I believe is the best ajax front-end webmail for the masses out there, there are people not concerned about it and in fact profiting at any cost from your work by hosting a site that it is constantly redirecting users to porn sites, advertisement and anything that could bring a profit to god knows who's pockets. Not only I have experienced this myself but I have also received comments from co-workers and friends who I have enticed them to give Roundcube a try. They have opted for not registering an account due to the great concern that these inconsistencies bring to their peace of mind. Specially, because they consider that open source projects tend to be very careful and strict with the distribution and support of their data. Some have actually asked me if there is the possibility that the Roundcube installation could be either infected or coded to behave similar to their end-users.
I'm certainly sure that your work is done with the main propose of delivering a quality product and I can only imagine how much energy you have put into this project over the years. I have no words to thank you enough for your great job and dedication. Please, consider to either get things straight up with the host or the person in charge of your Forum or move it elsewhere to a place in which profits is not the main and sole propose of hosting such site.
Since every suggestion in the open source community should be made with a possible solution, I'm open to offer free hosting myself. I have 120GB of space on a shared server with 250GB of monthly bandwidth that I'll put at your disposition. We can have up to 500 subdomains, 50 ftp accounts, 1200 e-mail accounts plus few other things. Alternatively, I can offer my own personal server to host it but I'm concerned about the performance of the board as I have never put any heavy load on my own server before. I can install, manage and run IPB boards myself. I can also make it simpler for others of you to be part of the board administration so you can change things around yourself as needed and I might not have plenty of time to fully dedicate myself to the 24/7 administration position of the board so having a Team working together is obviously the best option.
In the mean time, for consideration, I will invite you to visit http://unlockforus.com/forums/ (not active community there at the moment)
I'm just offering what I have and it doesn't have to be taken into account.
http://roundcubeforum.net has been either compromised and there are exploits running in the site or there are things set up to profit at any cost, even if it jeopardizes the reputation of the project. Not welcome in my opinion.
Wish you luck and I look forward to hear from you to at least know that my e-mail was once read and discarded or taken into account. Keep up the outstanding work.
-- Yoni
Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev