Why VB?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • MindFixxer
    New Member
    • Mar 2008
    • 29
    • 3.7.x

    Why VB?

    I need to be sold on VB. Simple enough?

    I work with a non-profit that needs every dime it gets. However, they are also very interested in creating a professional web presence. There are a few free options available with which I can do this, however, due to some limited back-end use with VB from other projects, I am a little partial towards VB.

    I don't have the time or interest involved in babysitting PHPBB ever again. I really like Joomla by itself, but Fireboard needs more work. IPB can kiss my *** for being overpriced, unreliable, and completely useless. (Sorry, but another group I associate with used IPB for awhile and a year later we still want to sue them for pain and suffering!)

    So, that leaves IKON, which I'm not that familiar with, SMF, which I am a little familiar with, and VB, which I am a little familiar with and happen to like. However, personal taste doesn't figure in to the cost factor for this situation.

    I hate to sound like a cynic, but... Everything listed or explained here is pretty basic and common information for any average web-dev. And it seems many of the highlights listed can already be scripted in to the free platforms to provide most of the same functionality.

    But I liked my short-time with VB and would really like to know more about it. Not just what I've read on the site so far, but more information on a comparative level. Forgive me, I haven't had time to browse the entire forum, so I'm sure some of my questions will be answered when I have the time to do more reading. And I plan to apply for the demo when I have time to get in there for a little while. How long does the demo session permit for a guest user? What kind of access is given in the demo session?

    Obviously, I have more web snooping to do so I can gather as many opinions as possible about comparisons. But my short and limited time with VB was obviously enough to get me here asking questions, so perhaps I'm already partially biased.

    The number one issue I am concerned with is security. Server-side security obviously falls in to an entirely different category, but is there somewhere on this site that explains the security of VB in a little more detail? Being a large name in the board community has to place VB high on the list of known and attempted exploits. And while I do not care to learn about all these exploits or how they are brought about, some assurances would be comforting.

    Finally, do you have any current or past customers (whom you might be aware of) that currently use your board in an environment where confidentiality requirements, such as HIPPA and 42 C.F.R. Part-2 are part of their daily operations? The group I'm working with may be seeking a contract with Medicaid in the future, which will require stringent adherence to some federal reg's.

    Please forgive me for anything I have asked that may have been readily available elsewhere here on the site. As I said, I haven't had time to do a lot of reading yet. And this is also the first time I have been approached about helping to set up a secure server that might have to meet federal regulations. (Very fun!) I do, however, have about 120 days in which to design and implement this, so thankfully I have time to do some research.

    I look forward to a reply. Thank you very much for your time.
  • MindFixxer
    New Member
    • Mar 2008
    • 29
    • 3.7.x

    #2
    One more question...

    Originally posted by Floris
    That is correct. It's not a live site, it is NOT a true "second" instance. It's a temporary TEST setup. You can invite your webmaster or fellow admin to come help out with the testing. But you can't open the site for an audience.

    Please note that vBulletin has a call home feature and we frequently check if our customers are breaking the license agreement and abusing this rule to get a 'free' second instance running. A customer caught runs the risk of having their license revoked (just sharing to add more info about this topic - FYI).
    What exactly does that mean? Precisely, what information is gathered and sent during this process? This is a VERY IMPORTANT question because, though there will be no client records or exact information present, the intention of the site will be partial information sharing among various colleagues and treatment team members, which can put us in a very serious situation if ANY information is regularly gathered from the site and transmitted elsewhere. Why? Mostly because none of us are coding gurus and therefore we can offer no guarantee as to EXACTLY what information is being transmitted from where to where or when this is occurring. How can I find out more about this process?

    Comment

    • Dismounted
      Senior Member
      • Sep 2006
      • 455

      #3
      Last I checked, the call home feature is just an image loaded from the vBulletin servers. The server just records the URL from which the image is requested. It does not gather any information from within the forum, but only merely gathers the URL of which vBulletin is installed.

      Comment

      • MindFixxer
        New Member
        • Mar 2008
        • 29
        • 3.7.x

        #4
        Hi Dismounted. Thanks for the reply. I suppose I don't quite understand. If it is done that way, then how do they "frequently check if our customers are breaking the license agreement" as Floris stated?

        I am not meaning to be difficult about this, but the nature of the site I intend to build for them may clash with the collection and transference of information.

        My first thought was taking one of the free options above and having it pretty well customized by someone with the appropriate skills to fit the security needs. VB, however, is a great platform to work from (based my on my limited back-end experience) and seems to fill many of the needs we would have had customized. But now, even if we go with VB, it seems we may still need a third party to go over all the coding line by line just to be sure we can meet certain compliance issues regarding confidentiality.

        If my hair doesn't fall out or turn white after this project it will be a miracle.

        If there is some amount of information that VB would prefer not to disclose publicly, then hopefully they will contact me privately to discuss it. The support alone is just one reason VB trumps the other guys. As someone else stated elsewhere in this forum, with VB support, you get more than just a fan site.

        Anyways, thank you for the reply. Hopefully VB can elaborate on it.

        Comment

        • Razasharp
          Senior Member
          • Feb 2005
          • 2789
          • 3.7.x

          #5
          You might want to check out this thread - its only recently been posted so not that many replies yet: http://www.vbulletin.com/forum/showthread.php?t=264672

          I use vB because it's the best forum platform out there.
          What's Special About Ruby on Rails?

          Comment

          • seoVB
            Member
            • Mar 2008
            • 32
            • 3.6.x

            #6
            vBulletin is by far the best forum software on the internet today. The price is cheap compared to what all features you get and then combine that with the support it is super cost effective then

            Comment

            • Jerz
              Senior Member
              • Apr 2007
              • 398
              • 3.8.x

              #7
              Originally posted by MindFixxer
              Hi Dismounted. Thanks for the reply. I suppose I don't quite understand. If it is done that way, then how do they "frequently check if our customers are breaking the license agreement" as Floris stated?

              As I understand it:
              Like Dismounted said, vB will load an image from the vB server, and they track the requests from that image. It doesn't get any personal info about your board, just the URL. This is used to make sure you don't use it on more than one domain at the same time, etc.

              IE: If you use one license for two boards, then two different domains will request that image, and vB can see if a domain is running vB without a license.

              Comment

              • MindFixxer
                New Member
                • Mar 2008
                • 29
                • 3.7.x

                #8
                Razasharp, thanks for the link. That thread pretty much confirmed what I've read elsewhere on the site in the last few hours. I've also had a few other websites open in other tabs and found the contrast between posts here and some other sites to be pretty interesting.

                I'm starting to think VB damn near sells itself. It's surprising that I made my initial post a few hours ago and no one from VB has responded yet, as they seem to respond to things around here pretty quickly. At least, they do in other areas of the forum. Perhaps this section doesn't get quite as much attention as the support areas or the members area. That's understandable. If I were a paying customer, I'd hope to have some priority over a non-paying customer, as well.

                Please don't read this as if I were trying to explain this to an idiot. I don't know you and, therefore, would never presume to know your level of knowledge on any subject. It's incredibly hard to gauge what a person knows or is familiar with simply by reading a few posts. And it is even harder to convey the tone of your voice or the meaning of your own message by simply typing. So, if I seem condescending in my explanation, please forgive me. But I'd like to explain part of the problem I have with VB at the moment. A problem I hope they are comfortable addressing.

                VB would be a hands down choice if I were trying to set up a website for anything else. However, the issues I need addressed concern security and the collection and dissemination of information by the core software. If I design a site for an organization, the organization proceeds to use it, and then it is later discovered that the software in use is not as secure as was first assumed, then that organization is put in to a situation that jeopardizes their credentials, their licensure, their financial status, and their reputation. Not to mention the possibility of some stiff fines to be paid.

                In the mental health field, confidentiality is not something that is taken lightly. It's practically the holy grail on which the community survives. Now, I already understand that VB is known for it's excellent security on a basic level. That is something I'm interested in learning more about. But the bigger security issue is the fact that the software itself transmits information, whatever information it may be and in whatever direction it travels, is all irrelevant.

                The first stumbling block is the fact that it has the capability to do that. So that concern becomes two-fold... What information is being sent and can it be exploited to the point where it can send information elsewhere?

                The second stumbling block is the fact that it will take a lot of time and money for an independent resource to determine just what information is being sent, where it is sent, and how often. I haven't found the post or documentation where VB CLEARLY spells that out. They may choose not to divulge that information for the sake of protecting their software and the means by which they monitor it. That would be perfectly understandable, hence the reason for a third-party audit of the software once it was installed.

                And finally, if it were determined by the federal government that the software does not meet certain criteria for administrative use by the organization, then the software would become a futile purpose. That is something I am also currently trying to research, because the government has very strict confidentiality laws for certain areas of practice. We're not dealing with national security here, it's much worse... We're dealing with people.

                Again, thanks for the reply, and thanks for the post you started. Aside from security concerns, I'm starting to like VB more and more.

                Comment

                • MindFixxer
                  New Member
                  • Mar 2008
                  • 29
                  • 3.7.x

                  #9
                  Thanks CHIPIT! I was writing a small book when you posted this so I didn't see it until afterward.

                  That clarifies it a little more for me. Thank you. If it works exactly that way, then the next concern will be how exploitable that function is by someone with a low moral standing and a high skill level.

                  And if nothing else strikes me around here, it's how many people jump in and answer questions for others. Most of the time, long before VB even has a chance to answer. Not just this thread, but all over the forum. That also says a lot for VB and the positive effect they have on customers here. Great community!

                  Off topic... Your name is Jeremy? Good name. I've answered to it for 35 years now.

                  Comment

                  • Steve Machol
                    Former Customer Support Manager
                    • Jul 2000
                    • 154488

                    #10
                    Sorry I didn't respond. However I generally concentrate on providing customer support and rarely have time to try to do a sales job on vB. Frankly I'm not good at trying to convince someone to buy something. Beside you get a much more balanced view from our customer then you would from a sales pitch.

                    As for the so-called 'call home' this only happens when you log into the Admin CP and it servers two purposes.

                    First, it has your board contact our site for any important notices and information about vBulletin. This could include info about a new release, and is especially important if there is a security issue that people need to be aware of. (Rare but it happens)

                    Second, it logs the URL that your licenses is being used on. This is the only information we collect - nothing else. There are no backdoors, hidden code or anything that can be used to compromise your privacy. Since the source code is fully viewable, such measures would have been detected and exposed a long time ago if they existed.

                    And yes it can be used to help fight piracy in cases where people are running multiple copies of one license.
                    Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                    Change CKEditor Colors to Match Style (for 4.1.4 and above)

                    Steve Machol Photography


                    Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                    Comment

                    • Jerz
                      Senior Member
                      • Apr 2007
                      • 398
                      • 3.8.x

                      #11
                      Originally posted by MindFixxer
                      Off topic... Your name is Jeremy? Good name. I've answered to it for 35 years now.
                      [offtopic]Heh, cool. [/offtopic]

                      Comment

                      • MindFixxer
                        New Member
                        • Mar 2008
                        • 29
                        • 3.7.x

                        #12
                        Thanks Steve!

                        Now, that part of the system I am familiar with from seeing something similar in use while using another platform. That still leaves me with a few questions about how exploitable that might be... I do realize that anything is exploitable given enough time and determination on the part of the bad guys. However, I need to find out just how severe the risk might be for this instance. Hopefully very low.

                        Is there anywhere I can read more about this function or someone I can contact here? I also have some other questions about security. Is there a good area to search in the forum for that instead of using the search button up top? I'd pefer not to read every post with the word "security" in it, as this thread alone probably has the word in it about a hundred times by now.

                        It appears I am getting in the habit of finding another reply every time I am writing a reply. Something else I never experienced at any of those OTHER websites. I'm starting to think VB is more than just software, it's an experience. LOL!

                        Thanks much to everyone. Seems it might be time to go see about this demo.

                        Comment

                        • Steve Machol
                          Former Customer Support Manager
                          • Jul 2000
                          • 154488

                          #13
                          Honestly I don't see how it could be expolitable. It never has been since we started in 2000. And the specifics of how this works is not something we divulge. However as I said he source code if freely viewable by all licensed customers and if there was a security issue with it, we would have certainly heard about it by now.
                          Steve Machol, former vBulletin Customer Support Manager (and NOT retired!)
                          Change CKEditor Colors to Match Style (for 4.1.4 and above)

                          Steve Machol Photography


                          Mankind is the only creature smart enough to know its own history, and dumb enough to ignore it.


                          Comment

                          • Alteran Ancient
                            Senior Member
                            • May 2005
                            • 333
                            • 3.8.x

                            #14
                            I chose vBulletin because of it's popularity on other sites, and it's reasonable pricing. Another bonus is the incredible support you can get here if something goes wrong. You can even import or migrate from another board set-up for free. This is why I chose not to get IPB. It doesn't have the customer or staff-base that vBulletin has, and Invision Power Services charge unreasonable amounts of money for 6-month licenses, and the cost of migrating, since only their "professionals" can do the upgrade.

                            Now, I like vBulletin because of the simplicity for the clients using it, and the horde of admin-friendly features that can be found. Also, it's incredibly easy to mod, because mods are installed as "Plugins" or "Products", and then just included in the way you want it by placing it in your forum template.
                            -- David.

                            If I spend much more time browsing these forums, I could be subjected to: 1. Burnt retinas, 2. Angry customers, 3. Lack of moderation, 4. Arguments.
                            This used to be a nice place; what the hell's gone wrong?

                            Comment

                            • MindFixxer
                              New Member
                              • Mar 2008
                              • 29
                              • 3.7.x

                              #15
                              Hello? VB?

                              I've spent too much time reading in this forum to think that this thread was missed. Does that mean it's being avoided?

                              If you don't wish to disclose exactly how information you are collecting and sending from websites, it would be politer to simply tell me that so I can go elsewhere. Silence has a very funny way of speaking for itself.

                              The community has done a great job on selling VB. So, as the company that owns VB, why aren't you trying to sell it? Very interesting...

                              Comment

                              widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                              Working...