I'm afraid I have to tell our mobile users that Off Topicz is no longer using Tapatalk!
The sad news is due to several vulnerabilities that the plugin seems to create. In the latest one, it was a X-scripting vulnerability.
For those of you who are unaware of what an XSS attack is, here is a quick quote:
Tapatalk did end up fixing the vulnerability in the end. Some of you may then ask me why I don't update, and still use it. The answer is simple.
This is not the first time they had a vulnerability. In fact, it is one of many. However, that is not the main reason. The main reason is because when they updated their plugin, they did not even bother to inform any of their users, or administrators to update the plugin, nor let us know that there was a vulnerability to begin with. Which is a big nono for me. Even now as I write this up chances are most forum owners who are running Tapatalk, probably do not know they are vulnerable.
I take security and privacy very seriously. As a result, the plugin was removed all together.
I will once again tell our users, that Off Topicz is mobile friendly. With a beautiful responsive design, you can go to your mobiles browser and enter in offtopicz.net and still browse the site flawlessly.
For those of you who still would rather an application for browsing on mobile devices, we are looking at alternatives. I know a couple users had mention Forum Runner in the past. Though, in order for any user to use Forum Runner, they must first purchase the app for $2. I'm not one to force users to buy a THIRD PARTY app at that, to use a FREE forum.
Who knows, we might just build our own app dedicated to Off Topicz.
For those of you who have used Tapatalk, please be aware, you will no longer be able to use it on Off Topicz. The listing for Off Topicz will be removed from their directory soon.
The sad news is due to several vulnerabilities that the plugin seems to create. In the latest one, it was a X-scripting vulnerability.
For those of you who are unaware of what an XSS attack is, here is a quick quote:
Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behavior of a web application in a user's browser, without compromising the underlying system.
Cross-Site Scripting vulnerabilities are often used against specific users of a website to steal their credentials or to conduct spoofing attacks.
Tapatalk did end up fixing the vulnerability in the end. Some of you may then ask me why I don't update, and still use it. The answer is simple.
This is not the first time they had a vulnerability. In fact, it is one of many. However, that is not the main reason. The main reason is because when they updated their plugin, they did not even bother to inform any of their users, or administrators to update the plugin, nor let us know that there was a vulnerability to begin with. Which is a big nono for me. Even now as I write this up chances are most forum owners who are running Tapatalk, probably do not know they are vulnerable.
I take security and privacy very seriously. As a result, the plugin was removed all together.
I will once again tell our users, that Off Topicz is mobile friendly. With a beautiful responsive design, you can go to your mobiles browser and enter in offtopicz.net and still browse the site flawlessly.
For those of you who still would rather an application for browsing on mobile devices, we are looking at alternatives. I know a couple users had mention Forum Runner in the past. Though, in order for any user to use Forum Runner, they must first purchase the app for $2. I'm not one to force users to buy a THIRD PARTY app at that, to use a FREE forum.
Who knows, we might just build our own app dedicated to Off Topicz.
For those of you who have used Tapatalk, please be aware, you will no longer be able to use it on Off Topicz. The listing for Off Topicz will be removed from their directory soon.