|
Post by ablrate on Jun 9, 2015 9:41:17 GMT
Hi All
The platform is now up on the live server and we are checking the data and finishing off content blocks. Next is to re-point the domain, move the SSL cert and test the API's and we are done. Will update as we move along later his afternoon.
Regards Ablrate
|
|
SteveT
Member of DD Central
Posts: 6,873
Likes: 7,918
|
Post by SteveT on Jun 9, 2015 11:21:12 GMT
Hi All The platform is now up on the live server and we are checking the data and finishing off content blocks. Next is to re-point the domain, move the SSL cert and test the API's and we are done. Will update as we move along later his afternoon. Regards Ablrate When we get to first log in, will there be a nice shiny new aeroplane loan waiting for us...?
|
|
|
Post by ablrate on Jun 9, 2015 12:00:01 GMT
Hi Stevet
We have some new deals going up in the scheduled loans section, which will make their way to the live platform quickly. As soon as we are done with today's data tests we will send a final email from the old platform detailing some the loans coming up and letting everyone know that we will be going live.
Regards Ablrate
|
|
Investor
Member of DD Central
Posts: 662
Likes: 590
|
Post by Investor on Jun 9, 2015 12:42:25 GMT
Shame I shall miss the lipstick wearing, androgynous, pre pubescent who has graced our screens for so many weeks sniffing glue from their balsa wood triplane
|
|
|
Post by ablrateandy on Jun 9, 2015 12:51:24 GMT
Shame I shall miss the lipstick wearing, androgynous, pre pubescent who has graced our screens for so many weeks sniffing glue from their balsa wood triplane Have I been fired?!
|
|
|
Post by ablrate on Jun 9, 2015 16:31:33 GMT
Investor... he is still there for now! Bless him, its Ablrateandy's cherub like school pic.... or maybe not..
Data checking going well, couple of CSS things to fix.
Domain repointed tomorrow so should be able to go live tomorrow afternoon or Thursday morn at the latest.
We will be sending an email out in the morning explaining when we are going live and, as a heads up for you guys, we will also be explaining that as a security measure you will need to rest your password and there is security number you need to create which is used for withdrawals and any personal data changes, but that will all be explained in the email.
Regards Ablrate
|
|
gc
Member of DD Central
Posts: 152
Likes: 141
|
Post by gc on Jun 9, 2015 19:36:45 GMT
Investor... he is still there for now! Bless him, its Ablrateandy's cherub like school pic.... or maybe not.. Data checking going well, couple of CSS things to fix. Domain repointed tomorrow so should be able to go live tomorrow afternoon or Thursday morn at the latest. We will be sending an email out in the morning explaining when we are going live and, as a heads up for you guys, we will also be explaining that as a security measure you will need to rest your password and there is security number you need to create which is used for withdrawals and any personal data changes, but that will all be explained in the email. Regards Ablrate Rest my password! Why, how hard has it been working in the time i've been away from it! ;-) (I know, don't let the door hit me on the way out) Sounding good guys and looking forward to seeing this new baby in action.
|
|
james
Posts: 2,205
Likes: 955
|
Post by james on Jun 10, 2015 14:38:54 GMT
Awkward security question of the day:
What will happen if an attacker obtains direct access to the database server, will it be possible to find out the passwords or PINs?
The background for this is my work with one of the most attacked pieces of database server software, which tells me that designs must be able to be secure in the face of this threat.
It's fairly easy to deal with this threat, just don't store the whole password and PIN, instead store only part of the cryptographic hash of them. The missing bits prevent reversing the hashing to get to the password, by providing an impractically large number of alternatives if say only every other byte of a 256 bit hash is stored.
If you want to ask for only some characters you can do this be pre-generating partial answers, hashing them, storing part, then presenting only combinations of the pre-stored permutations. Alternatively, if you wanted say three characters out of a four character PIN you might store the partial hashes of twenty different combinations of 3 from 4 and use one of those each time. This way you can verify correct entry with high confidence but the PIN won't be compromised if the database is compromised.
|
|
|
Post by ablrateandy on Jun 10, 2015 15:22:26 GMT
Thanks james! I'll come back with a fuller answer from the techies, but in summary, on the last version and the new version the passwords are stored as you described - hash-encrypted and partial. If someone did get in, they wouldn't be able to see the passwords in any way. Similarly on your signup details (eg passport details) we dispose of that information immediately so that there is no risk there either.
|
|
|
Post by ablrate on Jun 10, 2015 16:54:18 GMT
Hi All
We have emailed to let everyone know that we should be back up tomorrow. This is contingent on everything being correct with the SSL cert, verification and payment gateway when the domain repoints. We are pretty confident that it should be OK as we have tested the API extensively in test mode.... however, you never know with these things. If, for whatever reason, we are not able to switch on tomorrow we will do it Monday, so that we have full coverage when it is live, in case any nasty little bugs appear which you guys will no doubt find despite our testing!
Good news is it is working well....
Will update tomorrow.
Regards Ablrate
|
|
|
Post by ablrate on Jun 11, 2015 11:15:50 GMT
Hi All
For the eagle eyed among you, you will have noticed that the domain has been re-pointed to a new landing page saying 'we are launching soon' (if you still see the old landing page, you may need to clear you cache). We are getting everything done with the SSL cert and checking the API's. Will keep you updated with progress.
It maybe that the domain takes some time to be stable, so you may see the old landing page sometimes until it has fully propagated... according to our registrars!
Regards Ablrate
|
|
scubabeer
Member of DD Central
Posts: 54
Likes: 20
|
Post by scubabeer on Jun 11, 2015 13:08:14 GMT
Hi Ablrate,
Looks like the email problem still exists, as I didn't recieve one again :-(
cheers scubabeer
|
|
|
Post by ablrate on Jun 11, 2015 13:34:07 GMT
Hi Scubabeer
The email was sent from the old server... I am hopeful, as this is a completely new server, that it may resolve itself. If it doesn't we will be speaking again to the ISP's to get sorted. Sorry for the inconvenience.
Regards Ablrate
|
|
indy
Member of DD Central
Posts: 57
Likes: 18
|
Post by indy on Jun 11, 2015 14:55:47 GMT
I am still getting the old landing page, is it just me?
I have emptied the cache but this did not help.
|
|
SteveT
Member of DD Central
Posts: 6,873
Likes: 7,918
|
Post by SteveT on Jun 11, 2015 15:00:35 GMT
I am still getting the old landing page, is it just me? I have emptied the cache but this did not help. Me too, despite clearing everything.
|
|