AVN: NATS/TMM Breached for More Than a Year

I guess I don't get what happened, not being a dick about it, honestly.

What did TMM say to insult them? Did TMM mouth you or the clients or both? Was it face to face?

edit: read your post again, made more since this time :p

I ask, because of it was a ticket/icq, then post it so we can all rail john.

I'm not going to make a big deal out of this anymore....I spoke to John recently
and it was dealt with for my part.....no need to drag dead horses out again...

This kinda of behaviour wasn't exclusive towards me at the time.....there's
plenty of other threads where many different people were confronted with
the same type of behaviour.....hosting providers, sysadmins, tech people
who noticed the same thing many others did.....before it came out in the open.......

John should hire you for PR. So according to you NATS job is not to protect their own admin account info to people's servers? Never mind the fact that NATS asked people to leave these accounts open and then they didn't protect them and you saying that is not their responsibility??? They ask you for a key to your house basically and then they obviously didn't do a good job keeping that key from getting stolen, someone breaks into my house using that key, and you say it is my fault because i didn't have better security inplace. You are too fucking much, you should work for too much media.

all i do is quote you, you provide more than enough nonesense that one wouldnt have to make up or twist anything.

Ohhh.. yeah, don't get me wrong.. I know John has been a Dick. I couldn't spin that if I tried.

I thought you ment more like, I'm going to sue you if you say anything, or something like that. Yeah John isn't very well known for being Mr. Nice Guy

Aye, people have told me I should do John's PR work, it has been talked about. But it won't happen :/


If I give a key to my house, it's 100% my ass if the house gets broken into. No the house builder, door maker, key creator, or anyone else.. It's 100% my fault.

So if you gave NATS the keys to your program, it's your own fucking fault. Even more so when you didn't turn on the built in security feature that would have stopped this.

And agian, not all programs were breached.. Not even close to half. Most did use the ip lock feature and not all had tmm admin accounts, because you aren't forced to have them.

Your turn, please twist what was said one more time in a different direction so I can answer the same thing again for the 1000 time.

Well it was also along those lines but the I'll sue you if you do this thing
don't fly with me.......the bashing normaly neither.......but since I was
presented with the opportunity I decided to throw the ball back for a change.

how about

"what if it is the security company who have your key that breaks in to your house,, whos fault would it be then ?"

Thanks for making my case for me. John and the rest of the TMM team has no business running NATS or anything else that deals with sensitive data for exactly this reason. They esp. have no business running such an application and refusing to allow any third party to verify the safety of it when they run it encrypted. The whole thing is absolutely disgusting, I still cannot believe that there are people still sucking the NATS cock thinking this is all no big deal, just a small bump in the road that will soon pass, etc. It really says alot about this industry, the people in it and the state of affairs for both. Its good that people are taking sides on this one. Makes it real easy to tell who is upstanding and who you need to watch the fuck out for.

No, its not the program's faults. TMM was expected to take reasonable care to ensure that those keys (the logins) were not disclosed or used improperly. Leaving a file of user/pass pairs laying around on a server is not a proper practice and if you think it is, then you need to go back to school. Its the digital equivalent of keeping a post it note on the monitor and its fucking ridiculous. Yes, data breaches happen every day to all sorts of companies. But that does not excuse the conduct of any of those companies, it is still 100% their fault.

People like to throw up "Oh, well how wouldn't you have done it differently, Mr. Know It All?" and to that I say this: I wouldn't have done it at all. If I owned a program, I would have looked into NATS but I would have never bought it. The first red flag would be the fact that it runs on Zend. ANYTHING that requires Zend is always a concern. Next, I would have found out that not only does it run on Zend, but I am not allowed to even install it myself. Another red flag. Why would I not be permitted to install it? I paid for it. My software, right? Next I would have found that the software has never been audited by an independent third party and whats more, John won't allow you to bring a third party in, citing intellectual property concerns. Major red flag. The only people who fear independent audits at someone else's expense are those with something to hide. Sure, John might have concerns over a particular expert, but surely an exert exists that is completely independent but qualified to render a competent opinion that both sides can agree on does not present and IP concern. At this point, I'd start digging into the past of the company and when I found the PornGraph saga, I'd say "You know, this guy is always close by when things catch on fire and burn to the ground. This is a bad pairing, thanks but no thanks."

The only thing the programs are guilty of is making a poor choice on who to do business with. Responsible program owners are - right now - making plans to ditch NATS and TMM. Due to the complexity of such a move, its gonna take some time, 3 to 6 months I'd say. And because of John's history of playing dirty pool, I think most programs that are leaving him are afraid to say so publicly until they have something in place and are ready to pull the plug on NATS/TMM out of fear that John will cut the cord to their licenses in an attempt to bust any unions that start to form. So I am cool with that - for now. But in about 3 to 6 months, the question for program owners who are sticking with NATS is: why? Show me why this program should be trusted and moreover, why I should continue to trust you and not be concerned about your apparent inability to put personal friendships and personal fondness for someone aside and make the right decision for the company.

Yawn, you have no clue what you are talking about.

Dude, nats fucked up, hosts have fucked up, mpa3 fucked up really bad before, and the history of massive screwups in this business is very long. People move past them or we wouldn't have anyone to do business with.

Nobody gives a fuck but the few people that keep posting over and over on all the NATS threads. Anyone leaving NATS already had a plan to exit, otherwise I don't have a single client that has said they are leaving NATS.

Your logic is flawed too. Check this.. I bought paid for my NATS, monthly for a bit before I bought it. Most programs with any size just purchased it. So years go by and TMM/NATS isn't making a dime from me and several others but I still take up support hours, ect. I get pissed and I leave..

Did that hurt nats in the least bit? No, it helps them. Because every stable/paid up client that drops them will be replaced with 5 other smaller ones paying monthly fees.

And poor choices to do business with? Dude, this business is fucked. It's dirty, shady, and filled with money hungry dicks that will fuck their moms over for a dime. You no nothing about this business and try to toss us Tmm/nats as being super bad.. Fuck dude, the are mr clean compared to most companies that "they" do business with.

I keep telling you, that you only help TMM/NATS but you clearly do not understand even basics of brand marketing.

Lets hope this gets resolved soon.

Wow, you really are sucking John's dick hard. You should send him a bill for trying to whitewash the issue.

Have they contacted the FBI or the governemental institution in charge of this kind of crimes ?

Stop spinning the question arround and putting the responsability on everybody BUT TMM.

I haven't seen any statement that said they are initiating any criminal investigation, when clearly this has been a criminal activity that touched all of us.

Somebody out there had access to my identity because of this.

And as far as the responsability, it's clearly not the webmaster's fault if the TMM admin account has been compromised. It's your responsability to secure your server, and I'm glad you were one of the guys that went further, but it was nat's admin account that got compromised, not the webmaster admin.

Funny how he has no immediate reply to this, when he had an immediate reply for everyone and everything else. Telling.