Thuum.org

A community for the dragon language of The Elder Scrolls V: Skyrim

Thuum.org

A community for the dragon language of The Elder Scrolls V: Skyrim

May 1, 2017

We're calling on the dragon language community to come together and collaborate translating a short piece of literature. By the end, we'll have a new work to add to the Library that everyone can use for practice. Everyone who participates will be credited in the translation. This project is open to people of all skill levels, so if you're looking to learn the dragon language, this is an opportunity for you to work alongside other members.

The piece we'll be translating is the Song of Hromir, a book from Oblivion and Skyrim.

The goal of this project isn’t to produce a perfect one-to-one translation, but adapt the piece as best as possible into the canon dragon language of Skyrim. This will take some creativity and sacrifice, but will hopefully provide valuable experience with the language you can use for your own translations. This is a group effort, so don’t hesitate to ask questions or offer suggestions!  Pruzah pel.

April 1, 2017

Happy "Day of the Fool"! To celebrate, we have some dragon riddles for you to solve. We'll post a new one each hour, and once each riddle's secret is solved, a hidden power will unlock for the whole site to enjoy. Have fun!

Riddle #1:

4HE F1S ZOF1SI LOV1S
W4 BRUN3K Z9M4ZINI 4RK B4LOKI
ZU'U UNSL1D GRO

Riddle #2:

ZU'U NIS PR1L NUZ M4FAER1K PR1N
ZU'U 4T3D NID NUZ GOV9 Q4I VOTH T3D

Riddle #3:

Z5 ALOK NUZ LOS MULH1N
Z5 AG NUZ NEH L3VR4

Riddle #4:

Z5 K3N NOL MULH1N
Z5 KR3N N1L ROTTE

Riddle #5:

Z5 P71K FRON 4RK BROD
Z5 P71K SLEN 4RK QETH
NUZ ZU’U LOST NEH L4N9

Riddle #6:

FROD 4RK F9KRO LOS SUL9KSEJUNI
D3 H4 NOK US 4RK D3 KUN NOK L1T

Riddle #7:

M3N KOR1V FOD Z5 LOS POG1N
ONIK1N KOR1V FOD ZU’U LOS G2N

March 25, 2017

Mey m9
(noun) fool

"Mey wo bovul daanii meyz daanik. Mey wo boziik krif meyz dahmaan."
m9 wo bovul d1n3 m9z d1nik
?m9 wo boz3k krif m9z d4m1n

March 3, 2017

Here are the winning entries for our Dragon Cult Contest! Congratulations to tjp7154, Frinmulaar, and firelordstark for their creative work. There were a lot of great entries, and we hope you have fun reading them and using them for practice.

A first for our contests, the winning entries are also available as in-game books in a mod. Download it over at the Skyrim Nexus or Bethesda.net. See if you can hunt down the books in Bromjunaar while evading the ruin's hungry frost trolls! Let us know if you like seeing contest content in mods, and we'd be happy to continue doing this in the future. Enjoy!

Update: Special thanks to community member Ruvgein for helping make this mod available on Skyrim Special Edition on PC, Xbox One, and Playstation 4! For console players, find it by selecting "Mods" on the main menu and searching "Thuum.org".

February 25, 2017

Or, “Why We Can’t Have Nice Things, Part 3.”

Late this evening, I was notified that Thuum.org’s database was compromised. The hacker is confirmed to have accessed a small portion of the user table, which includes such information as emails and password hashes. It is unknown whether or not they accessed or dumped any other tables. At the time of writing, the vulnerability that led to the leak has been patched.

In the interest of full transparency, I’ll describe as much as I know about the issue and how it happened. In the meantime, I strongly urge all site members to change their passwords. If you updated your password already today due to the Cloudflare incident, I highly recommend updating your password again.

How did you learn about the compromise?

I received a message from a fake, Russian Facebook profile informing me with an accompanying screenshot of the database as proof, and demands of payment to identify the vulnerability. The screenshot indicated the hacker accessed the first hundred rows of the user table but did not access any further rows or tables. That said, the hacker would have had complete access to the database while it was vulnerable, and it is unknown whether they accessed or dumped additional information after the screenshot was taken.

I identified the vulnerability on my own and patched it as soon as I was able.

How was the database compromised?

At this time, I have no reason to believe the compromise is related the Cloudflare issue mentioned earlier today. The hack occurred through a method called SQL Injection. SQL Injection occurs when unsafe user input is passed into an SQL statement that interacts with the database. With SQL injection, a statement that selects words from a dictionary can instead be made to select entirely different tables.

For site veterans, this is the same type of attack that happened four years ago. Afterward, I shut down the vulnerable pages and spent several weeks rebuilding them to use safe methods. However, at the time and in the interest of getting the site running as quickly as possible, I did not fix every vulnerable page, only the ones that were the most obvious vectors of attack. Four years passed, and it didn’t occur to me that those pages were vulnerable in the same way. I was wrong. It was grossly ignorant and negligent of me to maintain those pages. An anonymous Russian may have pulled the trigger, but I loaded the gun. This is as much my fault as anyone’s and I apologize for any trouble this may have caused.

All site features developed since the 2013 incident use safe methods of communicating with the database, and are not vulnerable to this type of attack. This attack was made possible by the site’s very first pages I developed as a student back in 2012, and have lingered around since. Those pages have now been patched to fix the vulnerability.

What happens now?

As stated above, everyone should update their passwords immediately. Please also consider refreshing yourself on the Thuum.org Privacy Policy so you are familiar with what information we store in our database and what you can do if you would like it removed. Moving forward, I hope we can continue doing contests, creating fun features, and being the tight-knit community we’ve always been. I recognize the severity and implications of this security breach, and will do everything in my power to ensure the site and its members are safe.

-paarthurnax