Creative Commons license icon

Weasyl goes up, then down again over "obvious issues"

Edited as of Thu 11 Oct 2012 - 13:32
Your rating: None Average: 3 (6 votes)

Weasyl on an easelNew art site Weasyl has been taken down after just a day online, while developers "work on some obvious issues".

The site's support forum has been flooded with threads reporting a variety of issues and feature requests.

More seriously, some are already probing for vulnerabilities, though at least one has been reported responsibly.

Weasyl appears to be hand-coded, raising the spectre of security holes, although past experience may have been enough to encourage the use of basic precautions.

Update (8 Oct): Weasyl is back, with a laundry list of fixes.

Comments

Your rating: None Average: 4.5 (2 votes)

[comment removed on request]

Your rating: None Average: 5 (2 votes)

The site was accessible to all, but only registered users could login; the invitation system was temporarily disabled.

Your rating: None Average: 1.9 (7 votes)

Weasyl, just another FA clone which will die a lonely death. To think Arcturus believes he is in any way a "leet h4x0r" is hilarious on face value.

Well, Weasyl was a nice idea, too bad it won't last.

Your rating: None Average: 3 (3 votes)

We'll see. There were bound to be some issues, though the pressure of donors may have encouraged them to release sooner than they might have otherwise.

For comparison, Inkbunny had about nine months of development, then a six month period of closed testing and rework before opening to the public. (Many features which Weasyl also implements were developed after this period.)

Your rating: None Average: 2.8 (4 votes)

I was not aware Arcturus was involved in any way with Weasyl.

Your rating: None Average: 4.5 (2 votes)

This would be the person linked as example of those probing for vulnerabilities.

Your rating: None Average: 5 (1 vote)

Ah, well, my guess it's more a tough love thing on their part. Or a test to see whether they'll go about fixing things. If that's the case they are, that's what beta's are for. No skin off my teeth... as long as the days of down time don't count toward the "paid account" status of people who donated.

Your rating: None Average: 4 (1 vote)

I don't normally comment on this sort of thing, I stumbled onto this and just wanted to mention that paid account timers won't start counting till we come out of beta, in other words any premium time purchased isn't counted until after we open to the public in general.

Your rating: None Average: 5 (1 vote)

Up now down again for the weekend. EDIT: Oh wait it came back up while was sleeping. All around it's up and down.

Your rating: None Average: 1.8 (10 votes)

Will Crusader Cat and Lupine Assassin be registering here? I wouldn't attend a bar at which Bryan Fischer and Bernie Madoff were regulars; I won't frequent a website that lets Reilly and Greenwald just wander in, stinking up the place. No offence.

Your rating: None Average: 4 (4 votes)

I wouldn't attend a bar at which Bryan Fischer and Bernie Madoff were regulars; I won't frequent a website that lets Reilly and Greenwald just wander in, stinking up the place.

If you were to convert this sentiment into a strict rule (i.e., not patronizing establishments which have as customers anyone whose public actions or beliefs are in stark contradiction to your sentiments), I'd bet that you wouldn't be able to go anywhere, at least given the wide net you seem to have cast.

Also, off-topic: which Reilly and which Greenwald? (Depending on which people you are talking about, it could be the case that I must protest and insist that you explain yourself, so that we may cast aspersions upon each others' ideologies and ancestries and exchange other wildly-outrageous sundry insults, as is customary on the Internet. But I can't know until you clarify.) :3

Your rating: None Average: 5 (1 vote)

I'm curious about the assertion that Weasyl "appears to be hand-coded"; by that do you mean that it's 100% from scratch? I know that it's coded in Python, and I'd be rather surprised if it isn't built on a web framework, which -- at least if you're using them right -- should be pretty robust against most common security vulnerabilities. (I know both Django and Flask have a substantial set of extensions to build with; I'm not too familiar with Pyramid yet but I'd assume something similar.)

— Chipotle

Your rating: None Average: 5 (1 vote)

I don't want to say 100% hand-coded, but I think many parts are. I'm getting my impression from what Kihari has said in, for example, this forum post, where he talks about considering a password hashing module as opposed to his own code. This suggests to me that he has hand-coded other elements of the accounts system as well.

Perhaps most telling is this tweet, in which I believe he's describing the basis of Weasyl:

@tilton_raccoon @weasyl In a nutshell, Python, Postgres, lighttpd, and webpy.

webpy appears to be a pretty thin framework - more a utility library than a high-level website-in-a-box.

Your rating: None Average: 5 (1 vote)

Goodness. I actually nearly added "as long as they're not using web.py or some such" but didn't think anyone actually, y'know, was using web.py anymore. (A nerd point for Postgres, although I don't think MySQL is the hive of scum and villainy it used to be. Unless you count Oracle's ownership.)

— Chipotle

Your rating: None Average: 5 (1 vote)

It will be down for the remainder of the week.

Your rating: None Average: 5 (6 votes)

Pop goes the weasyl?

Your rating: None Average: 5 (1 vote)

Weasyl is back up, with a laundry list of fixes.

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <img> <b> <i> <s> <blockquote> <ul> <ol> <li> <table> <tr> <td> <th> <sub> <sup> <object> <embed> <h1> <h2> <h3> <h4> <h5> <h6> <dl> <dt> <dd> <param> <center> <strong> <q> <cite> <code> <em>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This test is to prevent automated spam submissions.
Leave empty.