Looks like going to:
http://chess.ca or
http://www.chess.ca

coughs up the

Temporarily Offline

We are currently undergoing some server maintenance, please check back later.

screen, but going to the bookmarked:

http://www.chess.ca/index_e.html

brings up the CFC website.

So, is the website UP or DOWN? Looks like UP (sort of) to me.

The website was hacked and causing problems for users of the site. Our contractor EK Gillin is working on this issue. The CFC Executive is examining various options to deal with this problem, one of which is the creation of a new site. The VP, or I Stijn De Kerpel will update the CFC membership as progress is made. Please be patience with the inconvenience in the meantime.

The website was hacked and causing problems for users of the site. Our contractor EK Gillin is working on this issue. The CFC Executive is examining various options to deal with this problem, one of which is the creation of a new site. The VP, or I Stijn De Kerpel will update the CFC membership as progress is made. Please be patience with the inconvenience in the meantime.

Thanks for the update Eric.

The problem seems to be widespread across the entire site. I had Gerry email me the latest mde file and it was removed by my email program which considered it unsafe.

The problem seems to be widespread across the entire site. I had Gerry email me the latest mde file and it was removed by my email program which considered it unsafe.

That sounds like a brain-dead email program (is it Outlook by any chance? - lol)

Seriously, the .mde file itself is not normally executable, so it really cannot be unsafe, but Outlook [in particular] defaults to removing all sorts of attached files if it feels like it. There are options in Outlook to have it stop doing that, but I think out of the box it might do that for all sorts of files.

Gerry could send you the file renamed to have an extension of (say) .foo and then when you get it, you could save it on your machine and rename it to .mde or whatever. THEN you could ask your antivirus program (if you run one) to scan that file explicitly (usually right-click on the filename ought to suggest an option to scan the file - depends on your antivirus software...)

Or, you could live on the edge and just try to use the file... :)

Gerry could send you the file renamed to have an extension of (say) .foo and then when you get it, you could save it on your machine and rename it to .mde or whatever.

I've always been partial to ".bar" but then maybe that's only for Flatheads....

Steve

That sounds like a brain-dead email program (is it Outlook by any chance? - lol)

Seriously, the .mde file itself is not normally executable, so it really cannot be unsafe, but Outlook [in particular] defaults to removing all sorts of attached files if it feels like it. There are options in Outlook to have it stop doing that, but I think out of the box it might do that for all sorts of files.

Gerry could send you the file renamed to have an extension of (say) .foo and then when you get it, you could save it on your machine and rename it to .mde or whatever. THEN you could ask your antivirus program (if you run one) to scan that file explicitly (usually right-click on the filename ought to suggest an option to scan the file - depends on your antivirus software...)

Or, you could live on the edge and just try to use the file... :)
You may be right about how Outlook receives attachments, but I have never had a problem receiving these types of files from other souces (I get them from the Alberta Government for example).

I also tried getting the file from the website a few days ago (you can still get in if you really want to) and the file was corrupt anyways.

It is extremely possible for a virus to infect a database file. Of course as long as your software is up to date it's unlikely to be able to exploit anything, but it would still get blocked by a scanner.

Maybe the office could export a .csv file? That's pretty much impossible to infect.

The website was hacked and causing problems for users of the site. Our contractor EK Gillin is working on this issue. The CFC Executive is examining various options to deal with this problem, one of which is the creation of a new site. The VP, or I Stijn De Kerpel will update the CFC membership as progress is made. Please be patience with the inconvenience in the meantime.

A new website?! Although I don't find the CFC website overly appealing it *was* functional and if it was maintained in a timely manner it would be useful too. The SQL injection vulnerabilities are well known and could be dealt with by pretty much anyone with web hosting experience. I think moving to a whole new ewb site model is sort of like throwing the baby out with the bath water, but I guess it depends on whether the CFC wants to invest some ongoing money to actually keep the website current.

That problem will persist whether or not any design changes are made (I am referring to operational design and appearance, not the mandatory fixing of the vulnerabilities).

Hi Kerry:

I have now written to Stijn de Kerpel, V-P in charge of " office " matters, to try to get confirmation that the CFC is indeed NOT looking at going into a new website.

I understand that the website is in fact now fixed and functional. I also asked Stijn why the delay is necessary, even given the google warning problem.

Bob

Helpfully, CFC has now posted on its website cover page and home page the following notice to viewers re the possible Google Warning they may be getting on visiting the site:

For those of you who experienced a "reported attack site" warning
when navigating here, please be aware that in late August viruses
were detected on the site and as a consequence the CFC site was
added to a "reported attack site" list maintained by Google.
This list is referenced by several browsers as a form of security.
Our site has since been cleaned and is presently virus-free.
Nonetheless it may take some time before Google considers the
site safe and removes it from their "infected" list. We will be
continuing to monitor this situation to ensure that the site
remains virus-free, as well as pressing Google to drop us from
their list. We apologize for any undue alarm that the browser
warnings might have caused.

Thanks to CFC member Steve Douglas who drafted a model notice for CFC to consider.

Bob

Our site has since been cleaned and is presently virus-free

except pages reached with/using (SQL-beta) buttons.

Hi Egis:

Could you give more explanation of this? You recently reported an attack on the CFC ratings page. Are you saying the virus is still there?

Maybe you could answer here the questions I recently asked you by e-mail:

Hi Egis:

A week or so ago, you reported a new hacking of the CFC website after it had allegedly been cleaned of the previous virus attack. It was apparently on the ratings page.

Is this virus still there? ( I don’t know how to check on virus myself ).

If yes, do you know if CFC has yet made any effort to clean the page of the virus?

If the virus is still there, and CFC has not yet cleaned the page, do you think the page should be taken off-line for the moment, until cleaned, to protect CFC members who may be checking their ratings on the site?

Thanks.

Bob

Today at 3:30 pm, I asked IT specialist Steve Karpik to check the CFC website ratings page for the virus/unauthorized script. He checked Egis Zeromskis' rating page ( since Egis first reported the new virus ), and the Hart House Summer Open crosstable, and the infection is STILL THERE . It is something put into the ratings database by unknown persons, and its effect is not known, but usually these incursions are in furtherance of criminal aims. It seems to me that therefore CFC members checking their ratings may be at risk still. Also, this points to the fact that our CFC website security is still very lacking. Steve advises me that a number of security measures can be taken to prohibit this kind of incursion, though the age of our website does make it more vulnerable.

Furthermore, the notice on our CFC website says:

" Our site has since been cleaned and is presently virus-free. "

Obviously this is no longer true, and should be changed.


What are the Executive/EK Gillin doing about this current new infection? What are they doing about improving security for our site while discussions go on about perhaps purchasing a new website? Why is the executive so silent on these issues?

Bob