Today we would like to welcome a new moderator to the team, TimTower. Over the past few months since we have taken over Tim has shown himself to have an excellent understanding of the rules. We know that Tim will be an great addition to the team and are glad to welcome him to the team today!
Now we know there have been a lot of people that want to try and tackle the moderation role, and we have not been ignoring your requests. When we get these requests we simply sit back and watch the user and how they handle themselves on the forums. We may be adding more users in the near future to the team so if you see any other green people walking around the forums they are either aliens or moderators we are testing out! Aliens don't bite that much, right?
We have had several inquiries lately about the IRC channels #bukkit and #bukkitdev . We do not run those channels nor do we have any control over them. If you need to reach Curse staff the IRC channels are not the place to do so unless you cannot reach the forums at all.
Forum rules may not apply on the IRC channels. Make sure you are aware of the channel rules and abide by them. If you don't abide by the channel rules, messaging Curse staff will not work for appealing a ban. We do not run or control the IRC channels.
Again the IRC channels are run by former staff and community volunteers. Current staff do not set the rules cannot help you if you break them.
Today, it was brought to my attention that the plugin "SuperString" had slipped past us and contained malicious code. This plugin, and the author, have both been removed from DBO. If, at this time, you are one of those that have downloaded this plugin, please be warned that version 1.1 contains the malicious code.
Over the last few months, we have caught more than a dozen new plugins uploaded with malicious code. However, no system is perfect and we miss some. Anyone that says you can catch such code all of the time, would be straight lying. This is where the community helps play in to the protection equation.
As much as the community relies on us to help ensure a safer place to download their addons, modifications, and various plugins, we also rely on the community's feedback and help to report the things we miss. Instead of a blind hosting system like many other sites, we use...
Tonight we've been made aware of a decompiler vulnerability that allows people to effectively hide sections of code. This has been reported to both Procyon and Luyten. This may also affect other decompilers.
Unfortunately due to this we will be not be processing new files until a fixed or replacement decompiler can be found.
As of right now there is no known malicious code on DBO. However, due to the nature of this decompiler shortcoming we are unable to know conclusively.
A big thanks to korikisulda for bringing this to our attention.
Edit by Zeldo:
Korikisulda has posted a much more detailed post about how this works for those that are wondering. You can find it here:...
