Jump to content

Tapatalk removed permanently


Steve

Recommended Posts

I got an email from Tapatalk saying that they'd been hacked, which isn't the first time that's happened, but it seems they've been storing user passwords in plain text.

 

Their attitude to security sucks. The plug-in has caused numerous issues on DV. Looking at the user stats, hardly anyone was using it anyway. So, for those reasons combined, it's been removed from DV for good.

 

DV has a built-in mobile version and the site should deliver the mobile version where appropriate. If it doesn't, you can switch between versions by clicking "Change Theme" at the very bottom-left underneath the Shoutbox.

Link to comment
Share on other sites

The DV mobile skin was still available when Taptalk was installed, so it was never a replacement for it.

 

I've lost faith in the developers. A recent update to the plug-in broke quotes in a bunch of posts on here and I had to manually fix them. It's only because I caught it right after installing the update that it didn't turn into a big ball ache for me. Their response to that was a vague post on their forum, rather than sending out a mass email informing site owners that the plug-in was borked.

 

The usage stats for Tapatalk showed that the number of people using it on DV wasn't even in double figures, so I'd rather inconvenience a handful of people than risk something happening to the site. While DV has been targeted by script kiddies once or twice, it's not like anyone is seriously trying to hack this place, but I always remember what happened to the SOS forum. That site was taken out by an automated worm that took advantage of a vulnerability in the site code and SOS never recovered from that and that was the end of their forum. The fewer plug-ins that are installed on DV, the better, both from a security and performance perspective.

 

It turns out that Tapatalk weren't actually storing passwords in plain text. They'd installed a plug-in on their own site that turned out to be malicious and so when a site owner logged in, their username and password was being captured in plain text at that point and sent to a server somewhere.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...