I am sorry, I was not initially aware of X3M's account being hacked and lamar 's behavior
OK phew, I'm glad we're making progress Am happy to talk to you about your concerns.
[quote:1xa0cxyi]Regardless of how long these threads lasted, they were eventually getting locked, as obviously they started to become toxic. But that stuff is all bad publicity too.
We've always just locked toxic stuff since we started. Benefit is we have a nicer community - downside I guess is someone might come and look at is as bad publicity (which quite frankly I'm not sure I beleive - lots of forums have locked threads but I guess if you want to argue that point you can believe it if you want). A trade-off we're happy with.
[quote:1xa0cxyi]The spambots have been poluting this forum for ages now and having X3M 's account hacked and product removed makes it look like security here is not handled well - directly affecting a vendor and a product on the store (I bought his product btw).
Two issues here, spam and hacked accounts. It's important they are not conflated as a single issue because they are quite different.
Yes, is a bit problem. Am taking a much more aggressive approach to it on the new website. At the moment, there is no user generated content available (but plans to allow it don't worry as per this site!). I've researched it a lot, learnt what works/doesn't work on Scirra and am extremely confident going forwards it will be less of an issue. I get it's an issue here now. Popular sites will always attract spammers.
X3M's is the only hacked account in recent memory (I'm struggling to think of any other examples in our 6 years) that looks like it's been hacked. Your assertion that:
X3M's account hacked = our security is not handled well
Is fallacious, it could equally be the password was weak, leaked on another website and he uses the same one here, or he left his computer open, or his email was hacked etc etc. List goes on. The fact we've never seen a wide spread account breach leads me to think it's a one off and not an underlying problem with our security.
Secondly, with the new site I have upgraded the security in a host of ways. I'm not going to go into them now for a couple of reasons:
* A lot are numerous and small improvements
* It's not in our interest to talk about what parts of our security we're improving
[quote:1xa0cxyi]How integrated is the forum account with the account for using the engine?
On the new site, virtually not at all. There is some negotiation between the sites to ensure if you sign up on Construct.net though you get a Scirra.com account. We are moving away from the forum as our authentication model.
[quote:1xa0cxyi]Does construct3 prompt for dropbox password prior to getting access to the hosted project?
Can you explain what you mean please? Dropbox doesn't just allow anyone to modify anyone elses account. NO payment information is stored on our systems such as CC numbers. All payment data of that nature is handled off site with Stripe.
[quote:1xa0cxyi]Can a hacker who gained access to an account retrieve other sensitive data from the victim?
Like every online service out there, if a hacker gains access to your account they will be able to login and look at your account.
[quote:1xa0cxyi]Retrieving a stolen account - account protection - what measures are there?
Industry standard SSL encryption
HSTS implemented on Construct.net
Improved hashing algorithm for passwords
Improved rate limiting for brute forces
Improved infastructure security designed by Rackspace
Improved support interface with IP lockdown
[quote:1xa0cxyi]Will the EULA of construct3 free you from any responsibility if the victim loses work?
Yes, of course. This is completely standard for pretty much all software in existence.
My question to you now is, how many other companies have you asked these questions to? These are basically pretty bog standard questions regarding operation of a website - and I can't help but feel for some reason you might be treating us differently due to your unhappiness with the direction we're going. Am I wrong or are these concerns you have with all our competitors as well?
Secondly, I hope you appreciate me responding to you as it's apparent you have no intention of buying Construct 3 from what I can see in other forums and you seem to be one of only a very small number of users engaging in this vein of questioning.