Why New Trackers Are Worthless And More Importantly Dangerous

[buggyfresh]

Before I join any site a obtain a copy of the code of the tracker itself, its east to do this, right click webpage > View Source. Then i usually ask questions if I can, then see what type of reputation it has.

while agree with you post in general, this quote is completly wrong and makes me wonder if you know anything about programming...

you don't see shit in the html source page, it's just the presentation layer generated by the server, from a java, php, ruby, perl program, whatever, they all produce html to the user browser. That's it... you can't prevent sql injection in this layer and you can't say a tracker is secure looking at the html source in any way, the security is on the back end

so basically, you will never see the code unless the sysop gives it to you

...

That's true..tracker have a front and back end..it's the back end where all the hacks are at and the serious coding.

Still 1080p's rant about planning b4 opening up a tracker for the sake of it is a good one

[Feeling]

Id like you to check out sct and see what you think of "security"

HOLY SHIT do u know what the fuck you are talking about? Do you remember me..the one who had 50 hacked accounts at YOUR site...then u disabled me when you could have given a warning...ya your site is so secure....besides the point i had 50 hacked accounts...your moderators were in shock when they saw it and just stared in awe and u say your site is so secure...put your money where your mouth is

you didn't hack sct, or any of that crap, you just used passwords from some lame tracker that didn't encrypt their users details and tried them at sct.

So do you know what you are talking about? Retard.

[deadalive1]

This went from a good general statement to "I had 50 accounts on your tracker". Unreal, what's next... are you going whip out your e-penis and compare it to others?

[puckface]

So do you know what you are talking about? Retard.

retard?

[BOOM]

Retarded

[puckface]

quite

[1080p]

Before I join any site a obtain a copy of the code of the tracker itself, its east to do this, right click webpage > View Source. Then i usually ask questions if I can, then see what type of reputation it has.

while agree with you post in general, this quote is completly wrong and makes me wonder if you know anything about programming...

you don't see shit in the html source page, it's just the presentation layer generated by the server, from a java, php, ruby, perl program, whatever, they all produce html to the user browser. That's it... you can't prevent sql injection in this layer and you can't say a tracker is secure looking at the html source in any way, the security is on the back end and unless you have an access to the source files on their server, forget it

so basically, you will never see the code unless the sysop wants to give it to you or if you hack them of course (but then you would have your answer about their security already hehe)

html source is one of many ways to see that basic site design and what potential security have/have nots it has, from being on the site(FTN) I know if it is coded properly or not, obviously no sysop would ever reveal their code to (that would be dumb, almost as dumb as creating a tracker) you, but in general, you know if you are safe or not.......I can only name 5-6 trackers that I know I can be absolutley (not really) safe. Also their code could easily be obtained if they run server 03 or 00, hence why the noobs who created trackers always get pwned.

But your absolutley right, you can't know for sure, but I've chatted with members who know a bit about the inside of the code and they wouldn't tell me a tracker was secure if it wasn't.

[Nemrod]

This was a nice thread, with things open to debate, but as almost always derived in other thing.
Please, let´s keep it on subject.

[SgtMajor]

* Ask your friends, if you have any,

Kwalitee post, freindship request sent

[Kyl3KK]

Couldn't agree more. And as far as ScT goes I think it's very secure myself. Usually though when I see a new tracker I sign up with a dummy name and mail and pass, to see if I like it, and to see if my accounts get hacked. (I've had this happen to my ScT account, and my Tophos account after I signed up for a tracker I won't name, but that's because they like to stay in the shadows)

If everything's ok, I delete the account and ask someone for another invite sometime later and use it.