736 posts
  • Has referred 500+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+7 more
mordauk says

Yes, I agree that they should have, but I can also tell you that moving away from amember is a serious pain. I’ve had to do it before and it is excruciatingly difficult.

The main reason it is hard is because you have thousands of live PayPal subscriptions, which, due to limitations of PayPal and Amember, cannot be simply moved to a new system. In order to move to a new system, you have to work out ways to “steal” the subscriptions away from amember.

I know this because I’m trying to move a really old site away from amember right now, and I know several other people doing the same thing.

736 posts
  • Has referred 500+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+7 more
mordauk says

Yes, I agree that they should have, but I can also tell you that moving away from amember is a serious pain. I’ve had to do it before and it is excruciatingly difficult.

Oh, and that’s not to say that it being a serious pain is a good enough reason to not do it, because that’s definitely not the case.

633 posts
  • Has been part of the Envato Community for over 4 years
  • Has sold $100+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Sells items exclusively on Envato Market
Thecodingdude says

I’d like to point out that it was as much a fault of aMember (the software used to run Tuts+) as it was Envato, yet NO ONE is yelling at them. Seriously? Amember is one of the largest and most widely used membership softwares on the net. It was definitely very, very negligent of Envato to not fix the issue sooner, but if you’re going to yell at someone, yell at both of them.

Envato must make over $500,000 every month. I’m pretty damn sure a company like Envato can afford to have every single line in their code examined for security, performance etc. Envato knew about this bug since last year.

7982 posts
  • Has been part of the Envato Community for over 5 years
  • Has sold $40,000+ on Envato Market
  • Sells items exclusively on Envato Market
  • Has referred 10+ members
+4 more
doru says

when you build a website you plan with security in mind.

this amember or whatever store passwords as plain text?

you don’t use it!

736 posts
  • Has referred 500+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+7 more
mordauk says


I’d like to point out that it was as much a fault of aMember (the software used to run Tuts+) as it was Envato, yet NO ONE is yelling at them. Seriously? Amember is one of the largest and most widely used membership softwares on the net. It was definitely very, very negligent of Envato to not fix the issue sooner, but if you’re going to yell at someone, yell at both of them.
Envato must make over $500,000 every month. I’m pretty damn sure a company like Envato can afford to have every single line in their code examined for security, performance etc. Envato knew about this bug since last year.

I never said they shouldn’t have or could not have. I was simply pointing out that making the move is very difficult.

633 posts
  • Has been part of the Envato Community for over 4 years
  • Has sold $100+ on Envato Market
  • Has collected 10+ items on Envato Market
  • Sells items exclusively on Envato Market
Thecodingdude says



I’d like to point out that it was as much a fault of aMember (the software used to run Tuts+) as it was Envato, yet NO ONE is yelling at them. Seriously? Amember is one of the largest and most widely used membership softwares on the net. It was definitely very, very negligent of Envato to not fix the issue sooner, but if you’re going to yell at someone, yell at both of them.
Envato must make over $500,000 every month. I’m pretty damn sure a company like Envato can afford to have every single line in their code examined for security, performance etc. Envato knew about this bug since last year.
I never said they shouldn’t have or could not have. I was simply pointing out that making the move is very difficult.

Envato patched the issue within 48 hours, don’t give me bullshit about it being difficult. Yeah, it is when you’ve got an entire team of useless “developers”.

Envato have had over 6 months to patch the issue, instead they wait for the breach to happen and then update it – do you see the logic because I certainly don’t?

600 posts
  • Has been part of the Envato Community for over 4 years
  • Has referred 10+ members
  • Has sold $10,000+ on Envato Market
  • Has been a beta tester for an Envato feature
+5 more
designcise says

i hope the marketplace passwords are encrypted using a custom algorithm and not something that can easily be reversed :P (such as md5 etc.)

3263 posts
  • Helps us moderate the forums
  • Has been part of the Envato Community for over 5 years
  • Helped several times protecting Envato Market against copyright violations
  • Won a competition
+15 more
dtbaker Moderator says

:-/

anywho good to see the tuts+ team have the website back up and running now: http://tutsplus.com

hats off for been transparent about the issue and not covering it up like most other compromised sites would.

6128 posts
  • Sells items exclusively on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
  • Has sold $125,000+ on Envato Market
  • Has been part of the Envato Community for over 6 years
+8 more
VF says

@dtbaker, I would say it is a safety measure rather than transparency. Don’t praise people on wrong times. If the hackers do bad things with the member data, someday this thing may come out by itself with different kind of pressure. So as of now, they did what should be done to reduce/avoid the potential damage. Do we know how many members missed to understand this thing happened and they supposed to change something on somewhere?

Edit: dtbaker, just quoting your comment because, from pure technical perspectives Envato really deserve more critics rather than comparisons with different sites to convince everything going well.

736 posts
  • Has referred 500+ members
  • Has sold $125,000+ on Envato Market
  • Has collected 50+ items on Envato Market
  • Elite Author: Sold more than $75,000 on Envato Market
+7 more
mordauk says




I’d like to point out that it was as much a fault of aMember (the software used to run Tuts+) as it was Envato, yet NO ONE is yelling at them. Seriously? Amember is one of the largest and most widely used membership softwares on the net. It was definitely very, very negligent of Envato to not fix the issue sooner, but if you’re going to yell at someone, yell at both of them.
Envato must make over $500,000 every month. I’m pretty damn sure a company like Envato can afford to have every single line in their code examined for security, performance etc. Envato knew about this bug since last year.
I never said they shouldn’t have or could not have. I was simply pointing out that making the move is very difficult.

Envato patched the issue within 48 hours, don’t give me bullshit about it being difficult. Yeah, it is when you’ve got an entire team of useless “developers”.

Envato have had over 6 months to patch the issue, instead they wait for the breach to happen and then update it – do you see the logic because I certainly don’t?

Dude, not trying to start a war. Just because it can be done in 48 hours does not mean it isn’t extremely difficult. They have a large development team with a ton of skill. It’s obvious they can (they did) do it.

Anyhow, I NEVER said it shouldn’t have happened a long time ago.

And please, come on, don’t call Envato developers useless. Not fixing the security breach was a mistake higher up. If it wasn’t for the fantastic Envato devs, we wouldn’t have these great marketplaces.

Helpful Information

  • Please read our community guidelines. Self promotion and discussion of piracy is not allowed.
  • Open a support ticket if you would like specific help with your account, deposits or purchases.
  • Item Support by authors is optional and may vary. Please see the Support tab on each item page.

Most of all, enjoy your time here. Thank you for being a valued Envato community member.

Post Reply

Format your entry with some basic HTML. Read the Full Details, or here is a refresher:

<strong></strong> to make things bold
<em></em> to emphasize
<ul><li> or <ol><li> to make lists
<h3> or <h4> to make headings
<pre></pre> for code blocks
<code></code> for a few words of code
<a></a> for links
<img> to paste in an image (it'll need to be hosted somewhere else though)
<blockquote></blockquote> to quote somebody

:grin: :shocked: :cry: Complete List of Smiley Codes

by
by
by
by
by
by