According to a post on their Web site, Amigart.com was destroyed by hackers (more than likely script-kiddies) and will most likely not return.
I don't want to sound rude, but didn't they have a backup... even an old one? I use a cheap, slow HD on its own power switch to make regular backups every week. Backing up databases is a huge pain, though.
The problem with this is the fact that we're mostly using freely available software. That means any little kiddie can crawl through it and look for ways to destroy it.
I get annoyed when people advocate free software so much because it's "better" than commercial software. What a lot of people forget about Open Source development is not better by default. It's better only if the developers are better. I've spent a lot of time working with other peoples' scripts, tracking down bugs and security holes, and it amazes me how sloppy people are when programming. Learning PHP and Perl really opened my eyes to how easy it is to crack a website. Back in my Amiga days, I thought hacking only happened when people chose stupid passwords. ;-)
Then again, there's so many backdoors in Perl and PHP, you have to jump through lots of hoops to filter data properly. I was really pissed off to hear that PHP supported a "feature" called autoglobals. Recent builds of PHP have that feature turned off by default, and the developers only lightly talk about it in the security section of the manual, as if they are trying to hide the fact it existed in the first place. Took me almost 2 weeks to figure out why my scripts were failing with no logs or error messages, and nobody on the PHP forums knew why my scripts were failing because they wanted me to give them error messages I didn't have. :-x PHP also has stupid automatic things like "magic_quotes_runtime". Whoever thought up that setting should be shot.
My favorite fix was a script that tested CGI variables for truth by using isset(). When I fixed autoglobals by using the $_POST[] hash, all the isset() queeries always became true. It took me forever to convert all the "isset($blah)" to "if($_POST['blah'])"...
Trouble is, everything has gotten so complicated, destroying a Web site is not particularly difficult, even for a 14 year old.
This is why Unix is so widely criticized for its poor security (at least among the GOOD programmers). Filesystem security really needs an overhaul. That's one of the things I'm looking for in any new OS. I see no point in making a new OS (Amiga, for example), only to use the old-fashioned single-user security model, or just recycle the ancient UNIX model. Java is a good example of how security should be done -- being able to quarantine an app to a particular folder or locking off access to the filesystem entirely.
Do you have to be 14 to find these exploit exploiter script deals? Any time I ever went looking for them, all I got was porn ads. I suspect that it's easy to find them, but my investigation into the matter never yeilded any results. I can only conclude that you have to be 14 years old to find them easily or else it'll be very difficult or impossible.
It's not that hard. As for finding pre-built scripts, you probably won't find much through google. All the really crude stuff is transferred via one of the many P2P programs out there.
