Back in April, EVE Online received a brand-new forum with a revamped search tool, the ability to "like" posts, and other useful features. Unfortunately, players quickly found several serious security problems in the new forum software, including the ability to inject arbitrary HTML (but not script) into any thread via a modified forum signature.
It also became known that the forum was a modified version of the open-source forum software Yet Another Forum, with its authentication system tied to CCP's own login service. A cookie exploit was discovered in this login system shortly after the forums went online, allowing users to post as anyone they wanted -- even as developers. The new forum was temporarily disabled pending a security review, and the old one was reactivated.
After a complete security revamp and a period of rigorous testing, the new forum returned to service today. This forum is tied into CCP's web platform EVE Gate, which provides quick access to your character's evemails while not in the game and has integrated social networking features. The old forum will be officially decommissioned on Friday, September 9th and left as a permanent archive.
[UPDATE: We've been informed that the previous injection exploit involved only HTML and not script. The post has been modified accordingly.]
Reader Comments (7)
Posted: Sep 6th 2011 2:28PM SgtBaker1234556 said
I really don't know what to say about this, it's a sad, sad story about CCP going out and bragging about the amount of dev-hours they'd put into something that then turned out to be just a re-skinned open source forum and on top of everything they ended up making a horrible, horrible mess out of modifying it with their own pre-school-grade authentication system.
Really a pants down moment for CCP devs.
Let's hope Darius has kicked some butt to get it right this time.
Posted: Sep 6th 2011 3:09PM Calfis said
I hope there is a dislike button this time. :D
Posted: Sep 6th 2011 4:41PM smg77 said
New forum software is horrible. Shame on CCP.
Posted: Sep 7th 2011 1:27AM oddshrub said
Brendan Drain is the last eve blogger now that 00sage00 has quit as well.
Posted: Sep 7th 2011 5:12PM halfcaptain said
@oddshrub
what are you talking about? 00sage00 is fine and all, but he quit for college and he's what, 20? come on, suddenly the fate of the entire eve blogging community rests on the shoulders of a 20-year old that is too busy with college? get real.
the new EVE forums aren't perfect, and i'm certainly weary after the last attempt at a forum revamp, but don't idly bitch and moan about eve just because all the cool kids are doing it. the forums work, they're getting better with community-driven efforts at browser customization, and it's not the end of the world. by the way, there are plenty of good EVE bloggers left (including Brendan). Check out the eve blog portal, or the 'blog pack.'
http://www.crazykinux.com/2008/06/eve-online-blog-pack.html
http://www.evebloggers.com/
Posted: Sep 7th 2011 8:05AM (Unverified) said
I hear they may now be working on the much anticipated "flying in space" feature.







