S@S 4 US
31 July 2010, 08:01:59 *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Please visit our donate page
 
   Home   Help Search Login Register  
S@S 4 US > GENERAL (you need to register/login to be able to post!) > S@S & SECURITY > Site@School's security
Pages: [1]
« previous next »
  Print  
Author Topic: Site@School's security  (Read 2786 times)
dirk
Forumbeheerder
Volwaardig lid
*****
Website: http://rosaboekdrukker.net
Posts: 158
« on: 3 April 2007, 18:25:43 »
FROM: Public Primary School Rosa Boekdrukker / Site@School Development Team

Dear Site@School school, institution, user, supplier.

You are using our CMS and you trust your valuable data to our CMS . This
means that the originator of the Site@School project, the Public Primary
School Rosa Boekdukker and the Site@School Development team, have a special responsability towards you. We take this responsability serious and inform you of the following:

- In the summer of 2006 many Site@School sites were hacked and/or defaced. In the same summer a Site@School site was replaced with a phising site for VISA. The security issues were discovered and fixed. After the summer version 2.4.10 was released that contained patches
for the security issues.

The Site@School team took the matter very serious and consulted two
professional security experts. Both came, independently, to the same
conclusions:

* In a couple of years it will be impossible to maintain the code and
guarantee security to schools, for example for confident material on the
intranet.

* To solve future problems the code needs a complete rewrite.

- Add to the above the fact that many schools are subject to gouvernement-
or municipal legislation regarding security and privicy protection in their software
applications. That means, Site@School has to comply to these rules when it
wants to stay the CMS for primary schools.
The public primary school Rosa Boekdrukker has a responsability in this
matter and ordered the team to take the necessary measures for improvement.

Our developer decided to leave the team and start a company of his own
WARNING:
Please be aware that, if you switch to the 'other' CMS, upgrading to our new version of Site@School will almost certainly become impossible, so please stay with Site@School and wait for the new release.
Do not mess with your school's data!
 
As promised earlier we will be releasing a new version of Site@School later this year. Until the new version is ready, the team will be issuing security fixes and patches for the current version, 2.4.10. Also we will provide a migration path from 2.4.10 (and our patches) to the new version.

The Site@School team decided to hand the job of creating the new code to
specialised, professional security  coders who will do the job for a modest
fee. We do our utmost to release the new version on the scheduled date,
i.e. end 2007, beginning 2008.
Donations are more than welcome.
DONATION INFORMATION ON:
http://siteatschool.org/index.php?section=18&page=105

It is the schools and the teams conviction that this is the best guarantee
that Site@School will remain the best and the securest primary school CMS
for years to come.

Please bear in mind that at this moment Site@School is secure.
For any questions about this matter mail to: info@rosaboekdrukker.nl

With kind regards,

Public Primary School Rosa Boekdrukker,
The Site@School Development Team,
Dirk Schouten, Karin Abma Peter Fokker, Barry Faas
« Last Edit: 8 May 2007, 10:20:31 by dirk » Logged
Pages: [1]
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.1 | SMF © 2006, Simple Machines LLC Valid XHTML 1.0! Valid CSS!