Member
- Joined
- Jan 9, 2019
- Messages
- 159
I believe you guys more than CDPR.
What you need to know about the recent MangaDex data breach
- Thread starter Plykiya
- Start date
- Status
- Joined
- Aug 30, 2020
- Messages
- 1
man
Group Leader
- Joined
- Feb 18, 2018
- Messages
- 21
I can't believe this right now. I'm sure this post is gonna get swept or I'm gonna get banned, but I'll try being as polite as possible.
You guys are absolutely incompetent. From the very beginning, this site was just a quickly slapped-together replacement for Batoto (may God rest their souls), and for three years it has continued to be just that: hastily slapped-together. It's not enough that the site was compromised once already, no, you've allowed it to be compromised again! And instead of trying to take measures to protect your users' data, you just gamble on the possibility that "surely it's not for real this time!" despite knowing that it very well was possible, and later tell everyone in an on-site forum post (which keeps getting bad gateway errors because the servers are so slow), "Anyway, buckle up kiddos because your data's gonna be all over the place here in a little bit."
Every version of this site you guys release is just as broken as the last one. Load times are still ungodly high after what, 3 years of operation and loads of funding through donations and affiliates? And that's if the site is even working and displaying pages properly instead of a handful of broken links, the chance of which is about 50/50. The backend code is absolute crap and the admins are too ignorant and completely unwilling to fix it. It's absurd that you still have no real support/contact page/instructions besides "go in the Discord and ask politely on the off chance a mod is online and you get their attention," which is lazy and already opening up users to even more security issues. 2FA is handled in the laziest way possible (storing free codes on the server side which proves completely useless when data breaches like this and the previous one happen, the exact thing 2FA is supposed to be protecting us from). And long-requested basic features like filtering out comics based on their country of origin, a system to verify scanlation groups without having to go to a forum thread and wait on an admin to check the groups thread, follow feature for artists, ability to search artists or tags from the main search bar without having to go through advanced search, the ability to establish groups that don't have websites, or even the most basic of "Go To Page" buttons or a quick quote system in the forum threads still aren't implemented last I checked. Writing this post, I've even learned that the forum doesn't even have shortcut keystrokes for formatting and using the button unfocuses the text box so I have to format text one inconvenient click at a time. This is tech we've had on every other board system since the 2000s.
I do not believe you for a second when you say, "we've investigated and are patching any and all security holes and we can assure you that our site is secure." You haven't even alerted users through email about the data breach, and I'd put money on the fact that your crap servers or low-tier coding can't even handle the load of that, one of the most basic things any website that stores user data does.
In sum, this site is absolute trashfire, and I'm tired of dealing with the admins' complete and utter incompetence and laissez-faire attitudes towards their userbase that generates donos and affiliate kickbacks and free content for them to aggregate, so if this post does get me banned, that's fine. Just make sure to scrub my info from your servers thoroughly so my information doesn't get violated once again during the next inevitable massive data breach.
HOMBREEEEEEEEEEEEEEEEEEEEEEEEEEE
You guys are absolutely incompetent. From the very beginning, this site was just a quickly slapped-together replacement for Batoto (may God rest their souls), and for three years it has continued to be just that: hastily slapped-together. It's not enough that the site was compromised once already, no, you've allowed it to be compromised again! And instead of trying to take measures to protect your users' data, you just gamble on the possibility that "surely it's not for real this time!" despite knowing that it very well was possible, and later tell everyone in an on-site forum post (which keeps getting bad gateway errors because the servers are so slow), "Anyway, buckle up kiddos because your data's gonna be all over the place here in a little bit."
Every version of this site you guys release is just as broken as the last one. Load times are still ungodly high after what, 3 years of operation and loads of funding through donations and affiliates? And that's if the site is even working and displaying pages properly instead of a handful of broken links, the chance of which is about 50/50. The backend code is absolute crap and the admins are too ignorant and completely unwilling to fix it. It's absurd that you still have no real support/contact page/instructions besides "go in the Discord and ask politely on the off chance a mod is online and you get their attention," which is lazy and already opening up users to even more security issues. 2FA is handled in the laziest way possible (storing free codes on the server side which proves completely useless when data breaches like this and the previous one happen, the exact thing 2FA is supposed to be protecting us from). And long-requested basic features like filtering out comics based on their country of origin, a system to verify scanlation groups without having to go to a forum thread and wait on an admin to check the groups thread, follow feature for artists, ability to search artists or tags from the main search bar without having to go through advanced search, the ability to establish groups that don't have websites, or even the most basic of "Go To Page" buttons or a quick quote system in the forum threads still aren't implemented last I checked. Writing this post, I've even learned that the forum doesn't even have shortcut keystrokes for formatting and using the button unfocuses the text box so I have to format text one inconvenient click at a time. This is tech we've had on every other board system since the 2000s.
I do not believe you for a second when you say, "we've investigated and are patching any and all security holes and we can assure you that our site is secure." You haven't even alerted users through email about the data breach, and I'd put money on the fact that your crap servers or low-tier coding can't even handle the load of that, one of the most basic things any website that stores user data does.
In sum, this site is absolute trashfire, and I'm tired of dealing with the admins' complete and utter incompetence and laissez-faire attitudes towards their userbase that generates donos and affiliate kickbacks and free content for them to aggregate, so if this post does get me banned, that's fine. Just make sure to scrub my info from your servers thoroughly so my information doesn't get violated once again during the next inevitable massive data breach.
HOMBREEEEEEEEEEEEEEEEEEEEEEEEEEE
- Joined
- Feb 16, 2020
- Messages
- 8,166
@Mr_Detective
Wtf since when do I know how to code at all?
Wtf since when do I know how to code at all?
- Joined
- Jan 18, 2018
- Messages
- 1,804
@blurgh123
No, the coding is just being done by people who actually have webdev experience, not one guy winging it.
No, the coding is just being done by people who actually have webdev experience, not one guy winging it.
- Joined
- Jun 6, 2020
- Messages
- 2
Thanks for your hard work and good job on the quick response.
And thanks for the transparency too. 😄
And thanks for the transparency too. 😄
Member
- Joined
- Feb 11, 2019
- Messages
- 20
REMOVE
MANUHA
MANUHA
- Joined
- Nov 28, 2018
- Messages
- 8
I'd recommend to create account on hackerone and/or other bug bounty sites
And leave some contacts in code where mmm lets say gray hats can get some coins for reporting bugs and vulnerabilities
For example https://securitytxt.org/
PS: Still getting 504 but glad we are back
And leave some contacts in code where mmm lets say gray hats can get some coins for reporting bugs and vulnerabilities
For example https://securitytxt.org/
PS: Still getting 504 but glad we are back
Dex-chan lover
- Joined
- May 13, 2018
- Messages
- 370
- Joined
- Jan 24, 2018
- Messages
- 3,231
@dobu
It was coded in a weekend by a single person and then gradually improved on by a single person who isn't even a dev. We know it's shit lol, working on the v3 code is demoralizing to all of the devs. Hence why the plan is for a complete rewrite away from the existing code.
95% of image server traffic loads in under a second according to MD@H stats. The site loads faster than it's ever have recently. If it's slow, that's something pretty unique to your situation.
The admins have nothing to do with it, but you are right that the devs want to kill themselves looking at the current site code. Again, hence the plans for a rework. Everything we do is just firefighting attempts to keep v3 going until v5 exists.
Batoto had a support forums, an IRC channel, and reports. We have a support forum, a Discord, and reports. Your standards between us and Batoto are kind of... lol. Batoto even ran ads all the time too, you know? What we're doing with one tiny banner isn't even close to the level of ads they had.
Even in v5 it'll be a manual process. Sorry that you don't have to deal with the people attempting to upload ads and bait images to the website.
We've said time and time again that v3 won't receive many updates as v5 is our focus. There's no point coding something awful that works with the v3 codebase and then having to reimplement it into v5.
Well, feel free to make your own website. We don't ban people for criticizing us, lol. You're acting a bit silly.
- Joined
- Mar 23, 2019
- Messages
- 11
Love mangadex been using it for 4 years now. Would love it if i could donate some money to support the website. Thanks for the transparency.
- Status
Similar threads
- Suggestion
