# ASF Site Login Security Warning..!!



## bullmarket (19 May 2006)

Good morning Joe, Wayne and any other moderators 

I would like to highlight to you and anyone else that might be unaware of a potential flaw in private/sensitive information security on this site.

As pointed out by Joe a few months back, if you end your session on ASF by clicking the X in the top right hand corner of your IE browser you are not actually logged off from your ASF session as your session is still open in the background and your user name still appears on the online users list and is visible to others.

If you reconnect to the ASF site within a certain period after ending the previous session by clicking the 'X' and not the logout button you will see that your previous session is still open active as it was originally.

*This imo has the obvious (to me at least) potential security flaws:*

1) Where chatters use pc's/laptops etc of which multiple users have access to then there is a possibility that another user could connect to the ASF site after a previous user had ended their ASF session by clicking the 'X' and 'pretend' to be the original account owner....but I suppose there is no way for anyone to know exactly who is sitting at a chatter's keyboard at any particular time anyway   

*2)  Private and sensitive information in PM's could then also be viewed by these 'other users' which might not be in the interests of the sender of the PM's.*...this is a much more serious potential risk imo

Personally I think it is ludicrous to send private information to complete strangers in PM's but I suppose some might inadvertantly do it without realising the potential risks involved.

Other reputable sites automatically end the users' sessions and log them off if they click the browser's 'X' for obvious security reasons and so I imagine this site has the same option for the administrators to enable if they choose.

The above doesn't concern me personally because, as I said, I don't send personal information via PM's but others might not be aware of the potential risks on this site.

It might be worth considering enabling ending user sessions after clicking the 'X' if it possible....but that is totally your call.

Just some   food for thought 

cheers

bullmarket


----------



## sails (19 May 2006)

bullmarket said:
			
		

> ...1) Where chatters use pc's/laptops etc of which multiple users have access to then there is a possibility that another user could connect to the ASF site after a previous user had ended their ASF session by clicking the 'X' and 'pretend' to be the original account owner....but I suppose there is no way for anyone to know exactly who is sitting at a chatter's keyboard at any particular time anyway   ...



I can't see this as being a problem as most would have their own pc's.  Those that have to share their would obviously just log out in preference to clicking on X.  

I like it the way it is as I usually check in frequently through the day and use the "new posts" link to catch up on any unread posts since the last visit.  I was registered with another forum where the log in had to be done manually each time - very frustrating.


----------



## Prospector (19 May 2006)

I hear what you are saying Mr Bull, but like sails it is nice not to have to log in every time like you have to do on another share forum.

I use my own laptop - if ever I come across as acting like a teenager then I am either having a blonde moment, too much bubbly (most likely on a Friday night!  ) a seniors moment, or my kids are posting on my behalf!


----------



## bullmarket (19 May 2006)

hi sails 

yes, no problem. 

I agree in general but I am probably in the minority who routinely use the browser 'X' to close my www session regardless of which site I am visiting as it is much easier than looking for sometimes obscure logout buttons.....just a habit thing I suppose 

Sites that are https:/ log me out immediately, in my experience, when I click the browser X.

But as I mentioned earlier, imo point 2 is the much larger general risk imo than point 1.

cheers

bullmarket


----------



## bullmarket (19 May 2006)

Hi Mrs Prospector 

yes, I suppose one of the consequences of convenience is potentially lower security.....but as I said to sails, imo point 2 in my original post is a much larger potential risk imo.

cheers

bullmarket


----------



## sails (19 May 2006)

bullmarket said:
			
		

> 2)  Private and sensitive information in PM's could then also be viewed by these 'other users' which might not be in the interests of the sender of the PM's...



 Pt2 is also not a problem if one logs out instead of just clicking on the X (NB the "LogOut" link is at the top right hand corner not far under the X making it real simple for those who do have security issues when using shared pc's.)

IMO, same care should be taken with PM's as with emails - if one feels the  security risks are too high, then don't use them.


----------



## GreatPig (19 May 2006)

I also prefer not having to log in each time, and never manually log out.

And I also treat all PMs and emails as public when it comes to sensitive information, and simply don't send any.

For anything really sensitive, it's possible to use message encryption. There are commercial packages for that, but I have a program I wrote myself which allows the sending of encrypted information (a separate application, not an email client plugin). I use it a lot for encrypting sensitive files, like work-related stuff I take home, etc, but it also supports encrypting and decrypting blocks of text on the clipboard for sending in emails, etc (you could even post such text to a public forum, but I'm sure the forum operators would get sick of seeing a lot of it going back and forth ).

If anyone wants to use it, I'm happy to make it available for free. Windows only though I'm afraid. Compatible GUI and command line versions both available. The GUI version also supports building up lists of other people's passwords so that you can send them files or messages without having to know what their password is (passwords can be exchanged in encrypted form). It uses AES Rijndael encryption.

If there's any interest, I'll upload the program in a new thread.

Cheers,
GP


----------



## bullmarket (19 May 2006)

Hi GP, sails

yep, the convenience of not having to login and out all the time is good but all I want to do is highlight the risks involved.

I am most probably in the minority but I for one cannot and do not give any guarantee that any information PM'd to bullmarket will not be seen by someone the PM sender would prefer to not see  - for at least the reasons in my original post 

cheers

bullmarket


----------



## Joe Blow (19 May 2006)

For those using PC's which other non-trusted individuals also have access to I suggest clicking 'Log Out' rather than clicking 'X' and simply closing the browser window if you are concerned about security.

This will ensure that nobody else has the ability to access ASF under your login or your private messages.

I urge anyone concerned about the security of their account to manually log out  from ASF each time they leave the site as this is the only way to be 100% sure that nobody else can access your account. However, as with most aspects of internet security it is up to the individual to make the decision that they feel is best for them. Like many others, I never log out from home as nobody else has access to this PC but I always log out manually from a public PC such as those at an internet cafe.


----------



## Prospector (19 May 2006)

Plus my life is ruled by so many different freakin' passwords this is one I don't have to remember.

I have passwords for:  4 different internet bank accounts, 2 online trading accounts, 3 telephone accounts, 4 credit card accounts, 2 frequent flyer accounts, ebay, paypal, Optus mobile, foxtel, altitude rewards, flybuys, perhaps 10 different forums, my PC, my broadband account, and I am sure there are more....that is already 34!  

Forget Taxes, my life is ruled by passwords....


----------



## Happy (19 May 2006)

It might be difficult having to remember 20 or even 34 passwords.

One of the advantages is we keep our brain busy and this delays onset of dementia.

Another advantage, is early warning for us that dementia catches up with us, if we start having problems with mentioned password.

So really, it looks like advantages only.


----------



## GreatPig (19 May 2006)

I have heaps of passwords and IDs too, but I don't have to remember them all.

I have them all written in a file which I keep encrypted, only decrypting and displaying the contents when I need to use one. That process doesn't create a decrypted version of the file either, so there's nothing to have to remember to delete afterwards.

The main issue though is that you then have everything dependant on one password. One word to hide them all, one word to find them... 

GP


----------



## Prospector (19 May 2006)

Happy said:
			
		

> One of the advantages is we keep our brain busy and this delays onset of dementia.
> 
> Another advantage, is early warning for us that dementia catches up with us, if we start having problems with mentioned password.
> 
> So really, it looks like advantages only.





Are you serious?  Hm, I have plenty of other stuff to think about and keeping me busy without having to worry about passwords!  Useful stuff!

Dementia - well, if remembering passwords was a clue then I am well into alzheimers!


----------



## surelle (19 May 2006)

all good points bull, but the only real problem that I see is that if you exit by the "x", and your name still appears online, then it gives the other members the wrong impression of who is online at any given time

have a good weekend


----------



## Joe Blow (19 May 2006)

surelle said:
			
		

> all good points bull, but the only real problem that I see is that if you exit by the "x", and your name still appears online, then it gives the other members the wrong impression of who is online at any given time




Hi Surelle,

By clicking on a person's user name and viewing their public profile you can see the last time they interacted with the forum and what they were doing (see attachment below).


----------



## surelle (19 May 2006)

thanks Joe, I knew I could count on you for the answer


----------



## bullmarket (19 May 2006)

Hi surelle 



			
				surelle said:
			
		

> all good points bull, but the only real problem that I see is that if you exit by the "x", and your name still appears online, then it gives the other members the wrong impression of who is online at any given time
> 
> have a good weekend




yes I agree with you and the point you raised is exactly the one I raised with Joe a few months back after which he explained that if you use the browser X then yes your account stays open and active and your name still appears on the online list giving a false impression that you are still online when in reality you may not be   I'm not sure how long your account stays open for after you click the X.

I have no issue at all personally with the 'delayed logout'  since I don't disclose personal information and so I'm going to continue using the browser 'X' as it's much easier and quicker than the logout process on my PC 

cheers

bullmarket


----------



## noirua (19 May 2006)

I have no problems with logging out and back on again with "aussiestockforums". Having logged out yesterday, it was necessary to put in my user name and password and I received the " welcome back " message.

It is also not correct to say, " Other reputable sites automatically end the user sessions ..".  I visit very many sites worldwide and most do not automatically end user sessions.


----------



## bullmarket (19 May 2006)

Hi noirua 

my earlier comment:



> Other reputable sites automatically end the users' sessions and log them off if they click the browser's 'X' for obvious security reasons and so I imagine this site has the same option for the administrators to enable if they choose.




is 100% correct because other reputable sites (https:/ and http:/) do log me off immediately when I click the browser X and so I don't know what game you are trying to play when you say it isn't a correct statement.

*If you go back to check your facts before posting you will see that I never said all sites because like you I also visit many sites world wide and most of them do actually log me off immediately when I hit the X.*

cheers

bullmarket


----------



## bullmarket (29 May 2006)

hmmmmmmm......I posted something at 9:46 this morning after which I clicked the 'X' in my browser.

I just opened up the ASF site again now at 12:37pm and I see my session from this morning is still active although I wasn't here.

*Joe* - I thought you mentioned some time ago that an account is automatically logged off 30 mins after hitting the browser 'X'. To me it looks like it's either at least 2.5 hrs or maybe even indefinite.

So it makes you wonder how many users on the 'online users' list are really actually here at any given time.  I could be here talking to myself and not even realise it  : 

I hope leaving users names on the on-line users list for at least 2.5 hrs isn't some sly way of making it appear there are more users logged on at any time than there really are   

cheers

bullmarket


----------



## Joe Blow (29 May 2006)

bullmarket said:
			
		

> hmmmmmmm......I posted something at 9:46 this morning after which I clicked the 'X' in my browser.
> 
> I just opened up the ASF site again now at 12:37pm and I see my session from this morning is still active although I wasn't here.
> 
> *Joe* - I thought you mentioned some time ago that an account is automatically logged off 30 mins after hitting the browser 'X'. To me it looks like it's either at least 2.5 hrs or maybe even indefinite.




Bullmarket,

Your session from this morning was not still active. 30 minutes after your last interaction with the forums you would have dropped off the Users Online list and your current session would have ended. What happened is you were automatically logged in when you came back. If you would prefer to log in manually each time, just click 'Log Out' rather than just shutting down the browser.


----------



## bullmarket (29 May 2006)

ok thanks Joe,   

but that doesn't make sense to me   because if someone hits their browser 'X' to end their seesion (and so from their point of view effectively log off) then what is the point of leaving their name on the online users list for another 30 mins?....to me it can only cause frustration or confisuion for someone who might be waiting for a reply from someone who appears to be online but in reality is not.

I can see the convenience in not having to log in a second time after returning to ASF after ending the previous session by clicking the browser 'X' but I don't see the point in then also leaving the users name on the online list for another 30 mins.

If possible, why not set the time left on the online users list to zero after someone clicks their browser 'X' just like when they click the logout button?

cheers

bullmarket


----------



## surelle (29 May 2006)

bullmarket said:
			
		

> So it makes you wonder how many users on the 'online users' list are really actually here at any given time.  I could be here talking to myself and not even realise it  :




Hey there bull
aren't we all talking to ourself, by typing into the computer, and then hoping for a reply


----------



## Joe Blow (29 May 2006)

bullmarket said:
			
		

> ok thanks Joe,
> 
> but that doesn't make sense to me   because if someone hits their browser 'X' to end their seesion (and so from their point of view effectively log off) then what is the point of leaving their name on the online users list for another 30 mins?....to me it can only cause frustration or confisuion for someone who might be waiting for a reply from someone who appears to be online but in reality is not.




Bullmarket,

It used to be 15 minutes but I extended it to 30 at the request of a member because of an issue with the 'New Posts' function. After a member's session ends the 'New Posts' counter is reset. This was a problem because typing into a text box (entering a post or PM) does not qualify as interacting with the forums so    if someone spent 25 minutes typing up a post (when the session cutoff was set to 15 minutes) they would come back to the forums to find that the 'New Posts' counter had been reset. This is an issue with this version of the software only and once I upgrade to the latest version I will put it back to 15 minutes which is the default setting as the new version has a better way of tracking 'New Posts'. Hope that all made sense.

There is one very easy way to see whether someone is still interacting with the forums or not. Click on that person's username and view their public profile. On the right hand side you will notice a time stamp telling you when the person in question last interacted with the forums and what they were doing. See attachment below.


----------



## Yezzy (29 May 2006)

Edit: Joe explained it better


----------



## bullmarket (29 May 2006)

ok Joe - I don't want to make a big deal out of this   

But your example doesn't actually tell someone if another user is still actually online or not at any given time, does it?

If I understand correctly, after viewing another user's public profile and seeing what time their last activity was, that other user could still be off-line in reality if immediately after their last activity (according to their public profile) they hit their browser 'X' and yet their username will still be on the on-line users list for 30 mins after clicking the 'X' thus potentially causing frustration for someone who might be waiting for a reply from that other user.

Anyway, it doesn't really matter - I just thought it would eliminate confusion if you could set the time left on the online users list to zero for those who click the 'X', but if it's not practical to do that then that's fine.

*Hi yezzy*

the issue is not the fact that you are not logged off after clicking the 'X' as I can see the convenience as per the examples you gave - I was just suggesting that there would be less confusion for other users if after someone clicked their browser 'X' that their username would also immediately drop off the the online users list.  But if for some reason Joe doesn't want to set the time to zero then that is fine by me   

cheers

bullmarket


----------



## Joe Blow (29 May 2006)

bullmarket said:
			
		

> ok Joe - I don't want to make a big deal out of this
> 
> But your example doesn't actually tell someone if another user is still actually online or not at any given time, does it?




No but it tells you if they are interacting with the forums.



			
				bullmarket said:
			
		

> If I understand correctly, after viewing another user's public profile and seeing what time their last activity was, that other user could still be off-line in reality if immediately after their last activity (according to their public profile) they hit their browser 'X' and yet their username will still be on the on-line users list for 30 mins after clicking the 'X' thus potentially causing frustration for someone who might be waiting for a reply from that other user.




If they are waiting for a response from that member to avoid frustration they should look at the time of their post/PM and then check the last time the person they are waiting for a response from interacted with the forums. If the time of their post/PM is the later of the two then there's a good chance they will be waiting a while for a response.



			
				bullmarket said:
			
		

> Anyway, it doesn't really matter - I just thought it would eliminate confusion if you could set the time left on the online users list to zero for those who click the 'X', but if it's not practical to do that then that's fine.




Unfortunately it's not practical at this time. Once I upgrade the software I will set it back to 15 minutes but at no time in the future will it be set to zero. Those who wish to disappear immediately from the list of online users should manually log off each time they leave the forums. That is the best suggestion I can make.


----------



## bullmarket (29 May 2006)

Joe Blow said:
			
		

> ........No but it tells you if they are interacting with the forums...........




Joe, I think one of us has our wires crossed because I don't see how the last activity in another user's public profile tells you whether they are still interacting with the forum or not for the 30 mins after their last activity if their user name is still on the online users list during that 30 mins.

eg......say 

1) I make a post at 1:00pm

2) At 1:01pm I then click the 'X' in my browser and shut down my pc.

3) My username will remain on the online users list for another 30 mins until 1:31pm 

But at say 1:02 I could have shut down my pc and then not log in again for hours or even days.

So from 1:01 to 1:31 my public profile will show that my last activity was at 1:00 as per 1) above and my username will still be on the online users list until 1:31 when in reality I shut down my pc for the day at 1:02   thus leaving a false impression that I am still online from 1:01-1:31 when in reality I am not and so your suggestion to check user profiles to see if they are still interacting with ASF breaks down during the first 30 mins if all of the above is correct.

cheers

bullmarket 

ps...for the record I am hitting my browser 'X' immediately after submitting this post   and so I assume my username will remain on the user list for 30 mins after the time for this post even though I have clicked 'X' and shut down my pc...


----------



## sails (29 May 2006)

Thanks Joe for leaving the way it is - I use the new posts link and it is nice to have it active for the 30 mins especially if there are a large number of new posts since last visiting plus allowing for some interruptions.

I don't see what Bullmarket's problem is - even if someone is actually online, they may not necessarily be at their computer or it may not be convenient for them to reply at that time.  So, in my opinion, whether it's 15 or 30 mins delay, it will make no difference to when another poster decides to reply!


----------



## Joe Blow (29 May 2006)

bullmarket said:
			
		

> ps...for the record I am hitting my browser 'X' immediately after submitting this post   and so I assume my username will remain on the user list for 30 mins after the time for this post even though I have clicked 'X' and shut down my pc...




There is a very easy solution to this problem. Instead of clicking 'X' on your browser, click 'Log Out' instead.

You will be removed from the users online list immediately.


----------



## wayneL (29 May 2006)

sails said:
			
		

> Thanks Joe for leaving the way it is - I use the new posts link and it is nice to have it active for the 30 mins especially if there are a large number of new posts since last visiting plus allowing for some interruptions.
> 
> I don't see what Bullmarket's problem is - even if someone is actually online, they may not necessarily be at their computer or it may not be convenient for them to reply at that time.  So, in my opinion, whether it's 15 or 30 mins delay, it will make no difference to when another poster decides to reply!




Joe,

I agree with sails, I can't see what the problem is, and I doubt 99.999999999% of others can either. I often have my browser open on ASF and I'm actually off in the Land of Nod... zero chance of a response from me even if my profile was visible!

This is a "bulletin board" type forum. If someone wants immediate interaction, they should probably go to IRC... or the telephone perhaps  

Cheers


----------



## bullmarket (29 May 2006)

Hi sails

There is no major problem with the current set up for the vast majority.  But if you look back at my original post in this thread I highlighted what the potential risks are for users who send private and sensitive information to others, especially if they don't know the recipients personally.

eg....tech/a decided a couple of weeks ago for some reason to voluntarily PM me his name.  Now if someone other than me, who tech/a would probably not want to know his real name,  read that PM after I had clicked the 'X' then he has only himself to blame....and hence the risk of the current setup.

But I am sure tech/a was smart enough to be aware of the risks before he chose to send me his name.

So as I said earlier, one downside for the convenience of not having to log on repeatedly means that private information is then potentially more easily accessible by people other than the intended recipient.

Anyway, as I said in an earlier post it's easier for me to continue using the 'X' and that is what I will be continuing to do   

cheers

bullmarket


----------



## Julia (29 May 2006)

Bullmarket

Joe has suggested what appears to be an entirely satisfactory solution to your concerns.  Can't you just accept that and stop going on about something which seems to concern no one else?

Sorry, bull, but you just go on, and on, and on, and on and.......

With kindest regards

Julia


----------



## Staybaker (29 May 2006)

Hi bullmarket,

It may help to understand a little about how web browser-based communication works.

The main point, at least for this discussion, is that there is not really any lasting "connection" between the web browser on your computer, and the web server with which you are communicating. When you type in a URL, or click on a hyperlink, your browser sends out a "request for information" which, through a process of magic, eventually ends up at the appropriate web server. The web server then issues its response, which magically finds its way back to your computer, and your browser displays the information. At this point, your browser has "forgotten" everything it knew about the web server, and likewise, the web server has "forgotten" about you and your browser. There is no ongoing "connection" maintained between the two. This is how the world wide web was designed to work.

In the early days of the web, this in itself was amazing enough. But pretty soon, people started wanting more of an interactive experience with web servers, they wanted web servers to "remember" them from one request to the next, and so on. So the web people started adding features, such as "cookies", to give the _appearance_ of continuity to web sessions. Cookies, for example, are small pieces of information which are passed back and forth between a browser and a web server. By carefully managing the information in a cookie, and by adding extra "smarts" to the web server, the web server can use a cookie's information to recognize that a particular request is coming from a user that they have seen before, and can then respond appropriately. This allows more interaction to take place between the browser and the web server, and eventually led to the development of forums such as this, along with shopping sites, and so on. The important point, though, is that this mechanism only gives the _appearance_ of there being some kind of "connection" between the two sides; in fact, there is none. The "connection" is actually a mirage managed by carefully programmed software and information exchange behind the scenes.

Now, when you click the "X" to shut down your browser, you simply close the browser. Since there is no "connection" to the web server, shutting down your web browser has no effect on the web server. It, therefore, has NO WAY OF KNOWING whether you have shut the browser, turned off your computer, or if you're still reading the last page it sent, or if you're typing a response to a message, or whatever. The only way the web server can know that you have finished, is if you send it a message telling it so. And the only way of doing that (on this forum) is by clicking on the "Log Out" link.

Does this make it a bit clearer why things work the way they do? 

Cheers, Staybaker.


----------



## bullmarket (30 May 2006)

Hi staybaker

Thanks for the info 

I'm not an IT expert by any means but I thought the 'mechanics' was along the lines you described.

But the point I was making is that regardless of whether the 'connection' is real or virtual the undeniable fact is that if someone clicks their browser 'X' to end an ASF session then there is always the possibility that someone else could come along and restart that session and do what they like within it....ie...read personal PM's, post messages or whatever.

I accept that the convenience of not having to repeatedly log on far outweighs the disadvantage of potentially less security for the vast majority but I am sure that when I made my original post there were some in here that did not realise that when they click the browser 'X' it doesn't necessarily prevent other potentially mischievous users from accessing their ASF account.

I am assuming that tech/a was smart enough to be aware that when he PM'd me his name he new that he had no control whatsoever on who read that PM but I'm sure there are some users who are not as computer savvy/literate and so might not have been aware of the potential dangers before my original post in this thread.

Anyway, I think I have made my point by highlighting the potential dangers and I for one cannot and do not guarantee that any info that is PM'd to bullmarket will not be read by someone the sender of the PM would prefer not to.

If Joe doesn't want to change the site's settings to eliminate this potential risk then that is fine by me, but since other reputable sites do log me off immediately when I click the browser 'X' I will continue to use the 'X' as it is much quicker and easier for me.

cheers

bullmarket


----------



## It's Snake Pliskin (30 May 2006)

Bullmarket,

Give it up man. You can x out or hit the log off button.


----------



## Yezzy (30 May 2006)

Depending on which browser you use bullmarket, you can change settings so that when you close your browser the cookie ASF uses will be discarded. You'll have to login again every time but that's up to you.


----------



## bullmarket (30 May 2006)

Hi Yezzy

thanks for the suggestion   but I'm not going to tinker with my browser settings as it then might affect other non ASF cookies.

But please don't get me wrong - I don't have any problem with the current set up on the ASF site as I see sending personal information in PM's as a big no-no.

I just wanted to hightlight to others, especially those that are not computer savvy,  that might be tempted to PM private/sensitive information of the potential dangers on the ASF site.

I'm quite happy to continue using my browser 'X' as I always do and if someone else uses this account or reads any PM's sent to this account then I personally have no problem with that at all as it's of no consequence to me, but others might once they are aware of the potential dangers.........I guess it's each to their own   

cheers

bullmarket


----------



## Happy (30 May 2006)

To be really safe, we should not use intent and this would be 100% safe and secure solution.


I know ridiculous, but thread got to this stage already without me.


----------



## Joe Blow (30 May 2006)

bullmarket said:
			
		

> I'm quite happy to continue using my browser 'X' as I always do




Bullmarket I have to step in and clear the air on this issue a little. I can see by the way you navigate ASF that you do not 'always' click on the 'X' and shut down your browser window. Before you made your most recent post you had logged out of your account and were lurking on the forums as a guest. This is something you do quite frequently. I can tell by tracking your IP address.

So it seems that you are actually quite familiar with the process of manually logging out... why you don't do this all the time mystifies me if you are truly concerned about the integrity of your account...


----------



## bullmarket (30 May 2006)

Joe,

I am not the only user of this laptop   

and I posted earlier:



> I'm quite happy to continue using my browser 'X' as I always do and if someone else uses this account or reads any PM's sent to this account then I personally have no problem with that at all as it's of no consequence to me, but others might once they are aware of the potential dangers.........I guess it's each to their own




cheers

bullmarket


----------



## bullmarket (31 May 2006)

Hi Joe

I've just been doing a little experimenting   

After logging on to ASF I clicked the 'X' in my browser to close the session and I then manually deleted the 2 ASF cookies in my Cookies folder after which I then came back to the ASF home page and I see that although my name still appears on the on-line users list, I have beem logged off from my previous session and I had to log on again to make this post..........it's no big deal, just interesting to see the affect of manually deleting the ASF cookies.

Out of curiosity I also pinged www.aussiestockforums.com and it came back with an IP address whose host machine is in Dallas Texas.

Are you guys based in the USA?   

cheers

bullmarket


----------



## Joe Blow (31 May 2006)

bullmarket said:
			
		

> Out of curiosity I also pinged www.aussiestockforums.com and it came back with an IP address whose host machine is in Dallas Texas.
> 
> Are you guys based in the USA?




I am the only guy here. ASF is a one man show (except, of course, for our wonderful moderators).

I am based in suburban Brisbane. But yes, ASF is hosted offshore.


----------



## Prospector (31 May 2006)

Mr Bull, I think you need to relax a little!  This stress is just too much for you.  :    Have a nice glass of red and chill for a while, join me in a pre dinner drinkie  

Slainte!


----------



## phoenixrising (31 May 2006)

And Mrs Bullmarket is winning the tug a war, hope i never have an argument with her then.  

I'd like to see Mr Bullmarket and Chicken (of ramping up ZFX fame) go head to head, it would make the Mul thread look tiny


----------



## It's Snake Pliskin (1 June 2006)

Today I clicked the log off button.


----------



## bullmarket (1 June 2006)

*Hi phoenixrising * 



			
				phoenixrising said:
			
		

> And Mrs Bullmarket is winning the tug a war, hope i never have an argument with her then.
> 
> I'd like to see Mr Bullmarket and Chicken (of ramping up ZFX fame) go head to head, it would make the Mul thread look tiny




mrs bullmarket is not the type of person you want to get on the wrong side of or upset   .......if I see her trashing the kitchen drawers looking for her rolling pin then I know I'm in for a  :twak: .....no matter where I hide it, she keeps finding it   

*Hi Mrs Prospector*

thanks for the offer for drinkies but I got into enough trouble last time when I was trapped down a mine shaft with Julia.....and seeing your photo I doubt mrs bullmarket would see it as just a friendly drink   

cheers

bullmarket


----------



## nulla nulla (13 December 2008)

bullmarket & spunkyblonde, what a small world


----------

