I'd like to take a moment of your time to discuss a recent disturbing trend the staff has been noticing on the forums, and also take this as an opportunity to raise awareness of this situation through education.

We've recently had an increase in the number of dangerous commands being posted on the forums. Don't pretend you don't know what I mean -- commands that cause massive damage or disruption to the user's computer.

I'd just like to caution those thinking of doing this that UbuntuForums has a strict zero-tolerance policy when it comes to posting dangerous commands. If you post one of them, particularly in a support thread disguised as advice, expect to be instantly and permanently BANNED, at the account, e-mail, IP, or ISP level. I do not care about intent -- if you mean it as a joke, it is not funny. If you mean it as a lesson, go teach it somewhere else. This behavior is absolutely against the Forum Guidelines and Ubuntu Code of Conduct.

I'd also like to remind users to be cautious when someone tells you to run some command or download some script as a solution to your problem. When in doubt as to the safety of the procedure, it's always a good idea to wait for more opinions, and/or have the command explained to you and verify if the explanation makes sense by consulting readily available documentation on Linux commands (such as manpages). No matter how hard we try to stay on top of all posts in realtime, we are not perfect.



Regards,

The UbuntuForums Staff.



As requested by some, for the education of our users, here are some common examples of dangerous commands that should raise a bright red flag. Again, these are extremely dangerous and should not be attempted on a computer that has any physical connection to valuable data -- many of them will even cause damage from a LiveCD environment.

Again, DANGEROUS COMMANDS -- look but DO NOT RUN.

Also, this is far from an exhaustive list, but should give you some clues as to what kind of things people may try to trick you into doing. Remember this can always be disguised in an obfuscated command or as a part of a long procedure, so the bottom line is take caution for yourself when something just doesn't "feel right".

Delete all files, delete current directory, and delete visible files in current directory. It's quite obvious why these commands can be dangerous to execute.
The only problem is that .., the link to the previous directory, will be matched by this and this will in turn delete everything above this directory level (oops!). A possible alternative that I can think of for this would be
which will exclude the entry "..". Of course, it probably has limitations of not matching certain entries, fixing which is an exercise left to the reader.

Reformat: Data on device mentioned after the mkfs command will be destroyed and replaced with a blank filesystem.
Block device manipulation: Causes raw data to be written to a block device. Often times this will clobber the filesystem and cause total loss of data:
Forkbomb: Executes a huge number of processes until system freezes, forcing you to do a hard reset which may cause corruption, data damage, or other awful fates.
In Bourne-ish shells, like Bash: (This thing looks really intriguing and curiousity provokes)
In Perl
Tarbomb: Someone asks you to extract a tar archive into an existing directory. This tar archive can be crafted to explode into a million files, or inject files into the system by guessing filenames. You should make the habit of decompressing tars inside a cleanly made directory

Decompression bomb: Someone asks you to extract an archive which appears to be a small download. In reality it's highly compressed data and will inflate to hundreds of GB's, filling your hard drive. You should not touch data from an untrusted source

Shellscript: Someone gives you the link to a shellscript to execute. This can contain any command he chooses -- benign or malevolent. Do not execute code from people you don't trust
Compiling code: Someone gives you source code then tells you to compile it. It is easy to hide malicious code as a part of a large wad of source code, and source code gives the attacker a lot more creativity for disguising malicious payloads. Do not compile OR execute the compiled code unless the source is of some well-known application, obtained from a reputable site (i.e. SourceForge, the author's homepage, an Ubuntu address).

A famous example of this surfaced on a mailing list disguised as a proof of concept sudo exploit claiming that if you run it, sudo grants you root without a shell. In it was this payload:
To the new or even lightly experienced computer user, this looks like the "hex code gibberish stuff" that is so typical of a safe proof-of-concept. However, this actually runs rm -rf ~ / & which will destroy your home directory as a regular user, or all files as root. If you could see this command in the hex string, then you don't need to be reading this announcement. Otherwise, remember that these things can come in very novel forms -- watch out.


Again, recall these are not at all comprehensive and you should not use this as a checklist to determine if a command is dangerous or not!

For example, 30 seconds in Python yields something like this:
Where "sn!.sg!+" is simply rm -rf * shifted a character up. Of course this is a silly example -- I wouldn't expect anyone to be foolish enough to paste this monstrous thing into their terminal without suspecting something might be wrong.

Ubuntu Forums FAQ version 1.14 - March 6, 2009

Where can I find a list of forum rules?

On the Forums Policy & Expectations page. These are also shown to every user when they sign up for an account.

How can I find out if my question has been asked/answered before I post?

Use the search function! You will find it on the main page as well as in the link bar near the top of every page. You can even do more precise searches by clicking "Search" and selecting "Advanced Search."

How do I view my account profile?

In the link bar near the top of every page click "Quick Links" and scroll down the drop down menu and select "My Profile."

How do I change my password or email address that is listed on my account?

Click UserCP (for user control panel), then on the new page click the link on the left that says “Edit email & password”?

How do I change/add user info to my account?

Click UserCP (for user control panel). You will have lots of links to various options at the left of the page. These will include, but are not limited to, choosing whether to display user profiles on top of posts or at the left, hiding/showing your post count (beans) and choosing whether to allow other users to send you email or private messages on the forums. Take a tour!

Who/what are admins? Who are the staff of ubuntuforums?

The admins are the people who keep this site up and running. They are the tech gurus that perform all the maintenance and make the forums work. These five people also comprise the Forums Council. We all owe them a debt of gratitude. One of them in particular, ubuntu-geek, is also the chairman of the Forums Council. See the about page for more.

The staff are people who have been chosen to help moderate discussions because of consistently helpful and kind attitudes, a willingness to serve others as demonstrated by their posting history prior to being chosen as staff, and the fact that they happily agreed to do tons of work behind the scenes with very little recognition and absolutely no payment other than having their usernames in red and the ability to put images in their signatures.

You may see a few people hanging around the forums with an "emeritus staff" title. These are former staff. Emeritus means retired or honorably discharged from active professional duty, but retaining the title of one's office or position: like a dean emeritus of a graduate school; or a newspaper editor in chief emeritus. Currently the honorees holding this title include az, nocturn, taurus and K.Mandla.

What's the deal with coffee cups/beans and the funny titles?

Beans are posts. The post/bean count can be turned off by the user if so desired.

There tends to be a close connection between geeks and coffee, so that's where the theme came from. Yes, we know not everyone likes coffee, but it's just a silly thing.

The images, their colors, and the changing icons don't have any special meaning. They simply change as time goes by. You will see (among other things) green coffee beans, roasted (brown) coffee beans, various sorts of coffee cups and mugs and so on. Like the titles, nothing specific is implied by the presence of specific images or titles (in almost all cases that is...staff, admins and banned users are some of the exceptions). These items are for fun, and are not serious. They are not a rank of any kind. They don't tell anyone how long you've been here nor how many posts you've made. The sayings and the images are a semi-random feature we have to provide a little kick. There is some structure to it, but only on the implementation side. We did this on purpose - because it was fun and whimsical.

There isn't a list of what you get, and when, because that's not the point. The reason for the secrecy was/is this: while we want to reward people who participate in these forums with titles and changing symbols we really don't want them to become some sort of gauge that people use to determine whether someone is speaking with more/less authority on a support topic. Other forums use the title/icon system that way and more power to them. However, there are people here with less than 20 posts who can code circles around much of the staff and are capable of giving amazing and useful responses to support questions...and there are some of us here with thousands of posts who might get lucky with a good and helpful reply on occasion. The fear is that people might use post count and titles/symbols as a means of judging the validity of a post's content rather than the content itself. We had a long discussion about this in the forums when they were first started and this subject has been revisited among the staff several times. Some forum members and staff wanted to eliminate the post count and title/icon system completely, some have gone the other way wanting a complete ranking system that is clear and gives honorific titles with great meaning to those with higher post counts (that particular group is in the extreme minority). The current system is a compromise that has been working pretty well for a while. With the compromise of meaningless titles/icons, post count can be hidden in UserCP. Anyway, this is why we don't publish how many posts are necessary for a change in title/icon...it's just a silly reward. The post numbers needed for title changes is something that is easy to modify so it gets modified on occasion, when the admins don't have better things occupying their time, merely to maintain the surprise factor. Bottom line: it just a trivial, whimsically amusing little thing. Don't read too much into it...it really isn't worth the slightest emotional involvement.

What is all that info in the user profile (the banner at the top or left of each post)?

For each registered user who posts you will find the certain bits of information which I will now try to define and demystify a little bit. Some of these are more obvious than others, but I'll talk about them anyway.

The "Join Date" is the month and year the user registered in these forums.

The "Location" is something that can be set by the user and may be an actual, physical place or a state of mind or even just something whimsical. Some people don't have this because they didn't set one in their UserCP (user control panel). There is also a place in UserCP where you can set to display which Ubuntu version you are using so you will often see that listed as well.

The picture that most users have is called an “avatar” and it is a small graphic image the user chose that best represents him/her or at least their mood the day the picture was chosen. You can upload one in the UserCP.

Referrals (only shown on the profile page) are how many people mentioned that user when registering for a new account.

Why can't I use an animated gif as my avatar?

In the past (up to sometime near the end of 2005) users were allowed to use animated gifs as avatars. This ended when there was a sudden wave of really distracting and obnoxious flashing, gaudy avatars. (Honestly, can you concentrate on information when looking at animated avatars like these?) Rather than make a long list of what is an isn't acceptable for animated avatar usage and then forcing the staff to monitor and police their use it was decided that they would be banned altogether. Those users who had appropriate animated avatars at the time were allowed to keep them and so you may see a small number of them floating around the forums. If/when those users decide to change their avatars they will not be allowed to replace the current animated gifs with another animated avatar but will have to choose an regular non-moving picture like the rest of us.

Can avatars/signatures/images be turned off?

Yes, they can! Go to UserCP->Edit Options and scroll down to thread display options and check/uncheck at will.

Why can't I use images in my signature? (Why are the staff allowed to use them?)

Banners, flashing images, colorful and hidden links...the list is a long one. This is primarily a tech support forum with a small number of frivolous additions. This was something that people either love or hate, and people looking for tech support answers with as little distraction as possible are among those who hate this feature so we turned it off. The staff of the forums are allowed this as a perk since they are volunteers and receive no payment or other renumeration for their time, efforts and services here.

Can I change my username?

No. Usernames can not be changed - dashes can not be added, lowercase cannot be made uppercase, etc. However, you may choose to create a new account and then request that we disable the original one. The only exceptions to this are extreme cases, such as when a user has been harassed by another user or when the username contains the member's email address or real name.

Note: If you do make a new account, you will have to transfer all information yourself, as we will not do this for you. Also, we can't transfer your statistics (beans, account age and the like) to the new account.

Will you delete my account for me?

We are sorry to say that account deletions are no longer possible. If you wish for your account to become inactive we recommend you contact an administrator who can remove your email address from the account and change the password to make the account permanently inaccessible. Account deletions that have occurred in the past have made all of those users' posts belong to "unknown" and have made it impossible to track issues. There will be no exceptions to this policy.

Why does a forum for free software use a proprietary software?

While we would love to use an open source solution, vBulletin provides all that we need right now and also much of what we want. Other software does not. Serving this community well is our main priority and so we can/will not use something that does not provide what we require. If anything else provided what we must have and what we really would like to have, we would be using it instead; at this juncture, there is no viable alternative.

Why was my post moved/what is the most appropriate location to ask X?

Here is a short, annotated list of what should be posted where. It is not complete, but it covers the basics.

Absolute Beginner Talk is for anything computer/linux/Ubuntu related, but with the expectation that answers will be simplified as much as possible for the user...and you might be told that your topic is something best left to someone with more experience or that you will need to do some studying or research before you can understand the answer, please don't be offended if that happens.

The Main and Other Support Categories are all pretty clear. If you aren't sure which of these your help request should go into then please use General Help.

The Ubuntu Users Mailing List is a special case and is a mirror of the official mailing list. Please read the sticky in that forum before you post there.

Several developers and teams have approached the Ubuntu Forums and requested space to host discussions about their project. We are happy to be able to accommodate this and you can find these in 3rd Party Projects.

For general and fun, non-tech related discussions please join us in the Ubuntu Cafe.

Some forums can not be posted in by users or require moderation (a staff member has to look at the post before it will show up). For example, all posts going into Faqs, Howtos and Tips need to be approved as it is not a place to ask questions, just to share neat tricks that you have learned or knowledge you have discovered. Posting is not allowed in News & Announcements.

Finally, everyone should know of the existence of three important forums, even if you never need them. Forum Feedback & Help is for reporting problems or requesting assistance with forums-specific issues. The Jail is where all spam ends up as well as really bad posts...no posts are ever fully deleted in the Ubuntu Forums. That way, if there is any sort of controversy over what has transpired the old posts can be found and used as evidence. Finally, if you ever have a dispute with staff or admins regarding their actions in the forums you are welcome to use the Resolution Center which is a public-readable place to express your grievance and receive an answer. Please read the rules there before posting so you know what to expect and how things will be dealt with.

You will probably also want to read “The basic philosophy of moderation among the staff.”

What is an infraction? How do infractions work? Do they ever expire?

When someone posts in a way that violates the Forums Policy staff have the ability to issue infractions or warnings. In either case the offending party is notified by private message what the problem was. If an infraction is issued it will have a point value attached to it as well as an expiration date. If 10 unexpired points are accumulated by a user then all his posts must be reviewed by a staff member before becoming visible to other users. If 15 are accumulated the user is suspended until they expire and may be banned. The staff have some leeway in assigning a point value to infractions or whether a warning is better suited to the issue at hand. In the case of a dispute between a user and a staff member the Resolution Center is the place to go to file a grievance.

How do I report bad posts or bad behavior on the forums?

For each post, at the bottom left, under the user name / avatar, you will find a set of icons. If a post needs the attention of a moderator, for any reason, just click the icon that looks like a small notebook with a small person on the cover ( ) and type a reason in the box that pops up. A staff member will look at the post as soon as possible. If you aren't sure which icon it is, hover your mouse pointer over each of them and read the pop up tooltips to find the one that says, "Report Post."

How do I subscribe to a thread (or unsubscribe from one)?

You can change your thread subscription status for any thread you are currently viewing by clicking the “Thread Tools” link at the top of the first post and selecting “Subscribe to Thread” or "Unsubscribe from this Thread" as appropriate.

You can set/change the default behavior for subscribing to threads in UserCP (user control panel) by clicking the UserCP link. Then choose the Edit Options link at the left. On the page that comes up, scroll down to “ Default Thread Subscription Mode” and make your choice.

__________________
Ubuntu VPS Hosting | My Blog | Forum Search | Forum Guidelines
Please don't PM support questions--post a thread so everyone can benefit!