Yes, thanks mod. Although Vkeong is only guilty of boasting but Phirate really shouldn't make him do any degrading stuff like that, and Deimos should've used consideration if he wanted to tip off the Entrecard admin. Come on Phirate, once you banned his account Vkeong has nothing more to lose so why be that demanding on him? I'm asking you to reconsider your hard stance on the guy cause by the end of the day, the losing side might be Entrecard if more people knows about it.

Btw, let's all behave like mature people okay? No more messing around with Google ads please.

This is my concern as well, I thought phirate would check first before making any decisions, he just deleted vkeong's EntreCard account like that, that was too fast.

Look at it this way, had vkeong not posted about dropping 300 EntreCards in 5 second in a public forum, I would not have saw it, and would not have told phirate about it.


At the moment, vkeong is the only person who seems to be very pissed off with me, therefore I accuse him.

---

Added on April 17, 2008, 10:56 pm
I think phirate might be pissed off that vkeong insulted him?



That can be interpreted into an insult or challenge? I dunno.



This is the original message that I sent to phirate, I certainly did not request phirate to delete vkeong's EntreCard account.


What should I have done instead?


This post has been edited by Deimos Tel`Arin: Apr 17 2008, 10:56 PM

it shouldn't be deleted in the first place.

you were just highlighting a possible exploit, however as programmers - you MUST investigate before concluding that there was a real exploit, not just based on someone's claims.

like say I claim I can break into the local bank in 15 minutes - would you accept it straightaway? surely you'll check it out. regardless, you don't arrest the person and issue punishment just because he said something he can do, right?

it would have been appropriate if phirate could approach vkeong privately (there's PM. there's also E-mail. Entrecard sends Email on notification of new advertiser. yes, I used Entrecard too!) and ask about the matter.

See, if you look at the matter as a whole - was it an exploit? or was it under accepted use of Entrecard - just that the person did more drops per minute than anyone else?

You got a point there but come on, can't this be handled by the Entrecard admin in a more proper manner?



It's a bit like whistleblowing. By being considerate you could've just posted a screenshot with his username blanked out, since there's possibility that action might be taken on the guy. You could've be the middleman and negotiate with Vkeong to reveal the vulnerability privately to the Entrecard admin. By just posting a link you didn't give him a chance.

This post has been edited by Heroxtus: Apr 17 2008, 11:21 PM

Guys, see what is going on with this guy? Nothing more obvious than the words I've bolded

DTA, I hope you believe in karma. Someday someone will accuse you of something you didn't do

I'm taking his words at face value just as much as I'm believing you, so just please don't go and add oil to this fire. Everyone each got a bit of fault in this mess but just stop with the blame game okay?

Boy, this phirate guy sure has a big ego to stroke, and an anal one at that. Good luck in your future dealings with him.

Is this posted in Entrecard's forum? Imagine the reactions by all the EC supporters...

And i do agree on the big ego-ness of phirate, to apologize is one thing, but is it neccessary to the extend of "I also apologize to the Entrecard programmer, who is in fact awesome", i LOL at this the moment i saw it.

vKeong,

NO DEAL!

Don't give a d@mn!

If no deal, you've got to open one more suitcase. Which number?

oh.. really?
however, i will not pick number "8"

why?


because i dont give a "8"

"8" in chinese .. f***.

hehe..hope admin won't ban me..

This post has been edited by YENC.blogspot: Apr 18 2008, 12:41 AM

won't ban la. at most 10% warn. however since you're not exactly using it to scold people or whatever context - you're fine. you're just explaining IMO.

I absolutely agree, in general. However with Entrecard security we have a slightly different problem. It is a live, active community with a significant amount of value moving around in the form of credits. The value of these credits, to the other users, is affected by the perception of the security we place around the system. As a result we expect all of our users to behave responsibly with regard to their use of the network, and our users expect us to work hard maintaining its security. We will not permit abusers, or people who claim to abuse the system, to remain members in general - it's not good for everyone on the network as a whole.



As I noted previously, it's equivalent to shouting "Fire!" in a crowded theater. He is not being penalized for setting something on fire, he is being penalized for acting as though there is a fire because of the effect that act has on other users. As it happens, the penalty for both actions on Entrecard are the same.



We have a speed limit. The limit is as fast as you can click your mouse with your fingers. The rules clearly state you are not permitted to use any kind of automated software to perform the drops for you. If I were to assume that VEKong was actually clicking 300 distinct websites in 5 seconds, he is missing out on a great career as a starcraft player.



The forum post is sufficient evidence. Hundreds of witnesses recall hearing the defendant shout fire in the theater.



His claim is well beyond the capacity for a human to perform. That's 60 clicks per second *minimum* not including navigation, Give it a go. Therefore the act implies the use of an automatic tool, a breach of our security.



In the event of a claim like this, proof is obviously an absolute defense. If someone is taken to court for shouting Fire! in a crowded theater, one defense is to demonstrate that there was, or they had excellent reason to believe there was, a fire. We grant the claimant the opportunity to provide a method they used as proof that there was in fact a security flaw, in which case we do not (obviously) require a retraction.

Regards,
phi.

---

Added on April 18, 2008, 4:06 am

I was laughing when I wrote it That part is perhaps..not technically part of our policy *innocent whistle*

---

Added on April 18, 2008, 4:27 am

In hindsight, yes, I should have issued a more formal notice than the somewhat tongue-in-cheek original response. I regret that.

This post has been edited by phirate: Apr 18 2008, 04:27 AM

thanks mate! hehe.. there goes my 100th post in LYN.

This post has been edited by YENC.blogspot: Apr 18 2008, 10:58 AM

And...the debate continues with no clear solution yet...

If both parties, phil and vkeong are not willing to give in, I see no point in arguing anymore.

Vkeong, just close the thread and move on with life. I'm sure your blog has enough traffic to do without entrecard right?

Phil, if you are reading this, perhaps you should revise Entrecard's policy on banning member's account. IMHO, deduction of credit would be a more suitable punishment for Vkeong.

This post has been edited by jbbeng: Apr 18 2008, 01:41 PM

There was a big loophole in phi's "shouting fire in theater" scenario. The accused is guilty if he was somehow manage to create a DISORDER in the theater. But take a look at vkeong's statement, what damage has he created so far?

Like goldfries had said, if I go to the middle of street and shout I manage to crack bank system and earn loads of cash, how many people will actually believe me? In this case, only DTA somehow believes vkeong claims.

Some people really need to differentiate between serious talk and "blow water" (aka boasting).

You're right. Weird thing though, my blog's traffic has gone up recently despite the banning of my entrecard account. And funniest thing is I am still receiving traffic from Entrecard's drop inbox page LOL.

However, you see, my intention of this thread is not about reviving my Entrecard's account. It's about how an Admin of one the most used tool in blogosphere has acted based on no concrete evidences. *Forget about the thread title, it has changed its original purpose after the ridiculous email from phirate.




Apparently someone cannot take the boasting, or just being plain jealous he couldn't achieve the drop speed.

This post has been edited by vkeong: Apr 18 2008, 02:29 PM

I'm more amazed by how people could take action without checking in detail or at least have certain amount of evidence to justify the course of action.

I've not seen in any Entrecard T&C stating about card dropping speed. even if this was stated, there's still no proof so far.

I second goldfries =/