IPB

Welcome Guest ( Log In | Register )

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

4 Pages V  1 2 3 > »   
Reply to this topicStart new topic
> Questions/Comments on 7/19 Breakin
Stealth
post Jul 21 2009, 11:24 AM
Post #1


Administrator
*****

Group: Root Administrators
Posts: 2,760
Joined: 26-December 05
From: Milwaukee, Wisconsin USA
Member No.: 1



Please post any questions or comments on our 7/19/09 site breakin here.


--------------------
Stealth
IPB Image | IPB Image

I don't provide tech support by PM. Please use our Technical Support forum for that.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
nate
post Jul 21 2009, 12:05 PM
Post #2


Full Member
***

Group: Sr. Members
Posts: 741
Joined: 29-January 06
Member No.: 30



It's harder to compromise an account if the account name is not publicly available.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
PhiX
post Jul 21 2009, 12:48 PM
Post #3


Notice the ownage.
********

Group: Global Moderators
Posts: 10,862
Joined: 15-January 07
From: GeRmAnY (GMT +1:00)
Member No.: 16,204



QUOTE(Stealth @ Jul 21 2009, 07:24 PM) *
and remember please show respect and consideration to Lulz members of aC to avoid problems.
What's that supposed to mean? Should we kiss their asses and thank them that they didn't do more harm to the site?


--------------------
PhiX
--------------------
I do not provide support via PM or IM, please use the forums.
SBs Help Tool - Please only double click my name if I told you to do so.
--------------------

Whore of Clan BoT

JBLS: phix.no-ip.org (click for stats) IPB Image
--------------------
QUOTE(Clan BoT)
[20:33:50.063] <SlamBliss@Azeroth> I'm not showing any respect to a bunch of script kiddie faggots.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
DeAtHZeRg
post Jul 21 2009, 01:08 PM
Post #4


Off-Topic Super Hero
***

Group: Moderators
Posts: 334
Joined: 6-February 06
Member No.: 58



QUOTE
Early Sunday morning our website was compromised by a members of the Lulz Divison of Clan [aC].
QUOTE
.... and remember please show respect and consideration to Lulz members of aC to avoid problems.


So wait we are supposed to show respect and consideration to the people that hacked into the site? Personally I think this issue should be taken to the authorities. But hey it's not my site.


--------------------
[02:41:06 PM] <From DeAthZeRg> Your friend DeAthZeRg entered a Warcraft III The Frozen Throne game called DotA apem !!.
[02:41:06 PM] Error: Subscript out of range in ParsePacket().
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Viet-Kong
post Jul 21 2009, 01:48 PM
Post #5


Jr. Member
**

Group: Members
Posts: 10
Joined: 28-May 07
Member No.: 24,236



Maybe they should show some respect to your website. What a load of BS. Lulz is a clan within a clan?

Not sure what kind of hosting you have, but I'd recommend doing a db dump every 4 hours. When I hosted my own website it got hacked a few times and I always had a poor backup strategy. Finally I setup a batch job (win hosting, but you could do the same with cron job I believe) to dump and time stamp the db every 4 hours. If ever anything happened, I'd be back up in no time with perhaps just a little bit of forum post as loss.

This post has been edited by Viet-Kong: Jul 21 2009, 01:50 PM
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Stealth
post Jul 21 2009, 01:59 PM
Post #6


Administrator
*****

Group: Root Administrators
Posts: 2,760
Joined: 26-December 05
From: Milwaukee, Wisconsin USA
Member No.: 1



QUOTE(nate @ Jul 21 2009, 12:05 PM) *

It's harder to compromise an account if the account name is not publicly available.


Where do you find the account name publicly available?

I am usually not a fan of appeasement, but in this case it's the easiest solution, since it seems to have all been a misunderstanding anyways.


--------------------
Stealth
IPB Image | IPB Image

I don't provide tech support by PM. Please use our Technical Support forum for that.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
PhiX
post Jul 21 2009, 02:27 PM
Post #7


Notice the ownage.
********

Group: Global Moderators
Posts: 10,862
Joined: 15-January 07
From: GeRmAnY (GMT +1:00)
Member No.: 16,204



QUOTE(Stealth @ Jul 21 2009, 09:59 PM) *
Where do you find the account name publicly available?
For example when there appear errors on the site.


--------------------
PhiX
--------------------
I do not provide support via PM or IM, please use the forums.
SBs Help Tool - Please only double click my name if I told you to do so.
--------------------

Whore of Clan BoT

JBLS: phix.no-ip.org (click for stats) IPB Image
--------------------
QUOTE(Clan BoT)
[20:33:50.063] <SlamBliss@Azeroth> I'm not showing any respect to a bunch of script kiddie faggots.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
The one
post Jul 21 2009, 05:08 PM
Post #8


Beta Tester.
***

Group: Beta Testers
Posts: 464
Joined: 15-July 06
Member No.: 6,476



So all this because some idiot got banned and restricted from stuff?


--------------------
QUOTE
[01:55:13.906] ->> Happy testing!! Be patient, 2.7 will be released at the end of September 2009.

Current Stealthbot Used: StealthBot v2.7 Release Candidate 1
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
SlamBliss
post Jul 21 2009, 05:09 PM
Post #9


I am the law.
***

Group: Moderators
Posts: 338
Joined: 12-February 06
From: Rochester, NY
Member No.: 70



He got banned from stealthbot.net (or suspended, one of the two) and beta access revoked, I believe. So he did what most children would do, he lashed out.


--------------------
QUOTE("aC Internet Tough Guys")
[20:28:49.579] <BoT[aC]OpZ(1)@Azeroth> SlamBliss
[20:28:53.266] <BoT[aC]OpZ(1)@Azeroth> you are in violation of aC ToS
[20:28:54.562] <Law> I'll contact a CSR
[20:28:58.655] <BoT[aC]OpZ(1)@Azeroth> ok
[20:29:00.358] <Law> and alert the TF's
[20:29:04.811] <SlamBliss@Azeroth> =D

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Binaries
post Jul 21 2009, 06:26 PM
Post #10


The Iron Fist
**

Group: Banned
Posts: 95
Joined: 8-July 06
From: The Ban Stick
Member No.: 6,218



The whole situation just went out of hand due to people caring to much about battle.net in general. Extremely sad. I found it funny that they refer to there set of a rules as a TOS that has to be followed by everyone within the battle.net community if not otherwise specified.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
The-Black-Ninja
post Jul 21 2009, 07:32 PM
Post #11


Pure Sex
********

Group: Moderators
Posts: 7,756
Joined: 13-August 06
Member No.: 7,372



I think everyone needs to congratulate Stealth for keeping positive throughout this whole thing when everyone else lost it.


smile.gif


--------------------
IPB Image

-My Plugins :: Thanks Pyro :)
IPB ImageIPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Mega
post Jul 21 2009, 07:42 PM
Post #12


i have open-source underwear
*****

Group: Moderators
Posts: 1,735
Joined: 26-December 05
Member No.: 12



QUOTE(Stealth @ Jul 21 2009, 03:59 PM) *

I am usually not a fan of appeasement, but in this case it's the easiest solution, since it seems to have all been a misunderstanding anyways.

What exactly happened? We need to know so such things never happen again.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
SlamBliss
post Jul 21 2009, 08:00 PM
Post #13


I am the law.
***

Group: Moderators
Posts: 338
Joined: 12-February 06
From: Rochester, NY
Member No.: 70



QUOTE("2009-07-21.txt")
[01:26:32 AM] <Satan@USEast> Stealth
[01:26:35 AM] <Satan@USEast> aC wants to donate 1000$ to you
[01:26:38 AM] <Ribose[BoT]> we're all programmers
[01:26:39 AM] <Satan@USEast> What's your paypal?
[01:26:46 AM] <slyckbawt@USEast> that's a bit much, don't you think?
[01:26:48 AM] <Satan@USEast> Nawh
[01:26:48 AM] <Ribose[BoT]> whatdoyaknow
[01:26:51 AM] <Satan@USEast> We stole it all awhile back
[01:27:00 AM] <slyckbawt@USEast> aw man. I can't accept stolen cash!
[01:27:00 AM] <Ribose[BoT]> hahah
[01:27:04 AM] <Satan@USEast> No we laundered it
[01:27:05 AM] <Satan@USEast> already
[01:27:10 AM] <Satan@USEast> Pushed it thorugh like 5 diff paypals
[01:27:11 AM] <slyckbawt@USEast> hehe. sno-cone vending operation?
[01:27:15 AM] <Satan@USEast> Nawh
[01:27:28 AM] <Ribose[BoT]> sounds like he wants your paypal to steal your money
[01:27:28 AM] <FiftyToo@USEast> .awesome
[01:27:29 AM] <Ribose[BoT]> tongue.gif
[01:27:34 AM] <Satan@USEast> Ribose
[01:27:36 AM] <slyckbawt@USEast> well, it's a public pp account
[01:27:38 AM] <Satan@USEast> Yeah
[01:27:42 AM] <slyckbawt@USEast> stealth@stealthbot.net
[01:27:44 AM] <Satan@USEast> Ok cool.
[01:27:45 AM] <slyckbawt@USEast> not hard to guess etiher
[01:27:46 AM] <slyckbawt@USEast> either *
[01:28:42 AM] <Ribose[BoT]> 116
[01:28:53 AM] <FiftyToo@USEast> wtf
[01:28:59 AM] <Satan@USEast> We are going to charge MaryT
[01:29:03 AM] <Satan@USEast> with a violation of the aC ToS
[01:29:14 AM] <FiftyToo@USEast> im watching tru tv and they are doin some crime mystery forensic shit
[01:29:30 AM] <FiftyToo@USEast> and this shit happened in my city sad.gif
[01:29:32 AM] <MysT_DooM@USEast> whats "aC"s website or irc
[01:29:52 AM] <slyckbawt@USEast> brutal. Do not want FBI.


I would be positive too, even if no money was received. It is the gesture that counts.


--------------------
QUOTE("aC Internet Tough Guys")
[20:28:49.579] <BoT[aC]OpZ(1)@Azeroth> SlamBliss
[20:28:53.266] <BoT[aC]OpZ(1)@Azeroth> you are in violation of aC ToS
[20:28:54.562] <Law> I'll contact a CSR
[20:28:58.655] <BoT[aC]OpZ(1)@Azeroth> ok
[20:29:00.358] <Law> and alert the TF's
[20:29:04.811] <SlamBliss@Azeroth> =D

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Mega
post Jul 21 2009, 08:15 PM
Post #14


i have open-source underwear
*****

Group: Moderators
Posts: 1,735
Joined: 26-December 05
Member No.: 12



What is this aC ToS?
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Binaries
post Jul 21 2009, 08:18 PM
Post #15


The Iron Fist
**

Group: Banned
Posts: 95
Joined: 8-July 06
From: The Ban Stick
Member No.: 6,218



No one actually knows the TOS, as they don't want anyone to know so they can simply state "you broke the TOS". It's a crock of shit.

QUOTE

[04:34:36 PM] <Binaries> Just wondering what services you actually have and how exactly that term broken can be applied in a correct and legal manner.
[04:35:18 PM] <Binaries> Are you all some secret conglomerate that owns battle.net or blizzard?
[04:35:43 PM] <Binaries> I'm sure that term is somewhere hidden in your site or it was in the TOS on signup?
[04:36:57 PM] <Binaries> Terms of service - Wikipedia, the free encyclopedia
[04:37:28 PM] <Binaries> Maybe you should consider changing it from TOS, due to the fact it's not correct at least in the way you're enforcing them.
[04:37:40 PM] <Binaries> Afk.
[04:37:40 PM] <Law> AOYOAOYOAOYOOAYO
[04:37:40 PM] <Lulz.CeLe[aC]> Hrm
[04:37:44 PM] <Binaries> Oh
[04:37:48 PM] <Binaries> Ill just wait for a reply
[04:39:14 PM] <Binaries> If anything your member broke a general "rule" within the Stealthbot site by abusing or even making fun of a higher authority (within that site).
[04:39:45 PM] <Binaries> You don't just do something and expect no consequences back do you?
[04:40:31 PM] <Binaries> Feel free to answer all my questions and interpretation of TOS with an in depth rebutle.
[04:41:19 PM] <Law> stfu
[04:41:49 PM] <Binaries> cool story bro
[04:41:59 PM] <Law> yeah
[04:42:00 PM] Binaries was banned by Law.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
SlamBliss
post Jul 21 2009, 08:21 PM
Post #16


I am the law.
***

Group: Moderators
Posts: 338
Joined: 12-February 06
From: Rochester, NY
Member No.: 70



QUOTE(Mega @ Jul 21 2009, 10:15 PM) *

What is this aC ToS?

http://clan.bot.nu/forum/index.php?topic=8...0;boardseen#new

If you can't access that, he contradicts himself and then makes a fool out of himself in relation to the ToS. Also: No written copy has been provided, even though it is insisted that it exists.

IMO? Internet bullies on the playground of battle.net.

"You banned me? BBBBBBBBAAAAAAAAAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW.... AAAAAAAAAAAWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW
WWWWWWWWWWWWWWWWWWWWWWWWWWWW. I'm going to press this button at you and try to ruin your life."


--------------------
QUOTE("aC Internet Tough Guys")
[20:28:49.579] <BoT[aC]OpZ(1)@Azeroth> SlamBliss
[20:28:53.266] <BoT[aC]OpZ(1)@Azeroth> you are in violation of aC ToS
[20:28:54.562] <Law> I'll contact a CSR
[20:28:58.655] <BoT[aC]OpZ(1)@Azeroth> ok
[20:29:00.358] <Law> and alert the TF's
[20:29:04.811] <SlamBliss@Azeroth> =D

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Fuhrer(R)
post Jul 21 2009, 08:41 PM
Post #17


Full Member
***

Group: Members
Posts: 135
Joined: 29-April 07
Member No.: 23,043



Its a sad day when the Stealthbot community is brought to a halt all because of one douchebag that lashed out after being disciplined.

This is a clear example of what is to come in the future. If one person can do this there will be others. Giving in to their demands is a bad move.

Im personally offended as such other stealthbot users that Administration would let this go unpunished. This kid commits a cyber crime, boasts about it and you do nothing...

On the Pro side I got to use a Beta version for a couple hours without authorization.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
The-Black-Ninja
post Jul 21 2009, 09:25 PM
Post #18


Pure Sex
********

Group: Moderators
Posts: 7,756
Joined: 13-August 06
Member No.: 7,372



QUOTE(Fuhrer(R) @ Jul 21 2009, 10:41 PM) *
Im personally offended as such other stealthbot users that Administration would let this go unpunished. This kid commits a cyber crime, boasts about it and you do nothing...
Probably because they want their passwords to all their shit back? I want to see what you would do when they lock you out of your e-mail account and gain access to your computer files, I don't think you would be saying, "Do more."

Not to be rude, but you weren't there when it happened and during the chats in the channel. To say something like what you're saying is ignorant and completely out of place. You don't know the magnitude of what happened, compounded by battle.net not doing shit all about this and leaving you on your own, it's not like you can stand there and continue to give the finger to these guys when they have your entire website hostage.


--------------------
IPB Image

-My Plugins :: Thanks Pyro :)
IPB ImageIPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
SlamBliss
post Jul 21 2009, 10:13 PM
Post #19


I am the law.
***

Group: Moderators
Posts: 338
Joined: 12-February 06
From: Rochester, NY
Member No.: 70



QUOTE(The-Black-Ninja @ Jul 21 2009, 11:25 PM) *

QUOTE(Fuhrer(R) @ Jul 21 2009, 10:41 PM) *
Im personally offended as such other stealthbot users that Administration would let this go unpunished. This kid commits a cyber crime, boasts about it and you do nothing...
Probably because they want their passwords to all their shit back? I want to see what you would do when they lock you out of your e-mail account and gain access to your computer files, I don't think you would be saying, "Do more."

Not to be rude, but you weren't there when it happened and during the chats in the channel. To say something like what you're saying is ignorant and completely out of place. You don't know the magnitude of what happened, compounded by battle.net not doing shit all about this and leaving you on your own, it's not like you can stand there and continue to give the finger to these guys when they have your entire website hostage.

If you don't, then they will never learn what they are doing is wrong. They will only learn what works to break you. Appeasement is surrender, and your surrender is his victory.


--------------------
QUOTE("aC Internet Tough Guys")
[20:28:49.579] <BoT[aC]OpZ(1)@Azeroth> SlamBliss
[20:28:53.266] <BoT[aC]OpZ(1)@Azeroth> you are in violation of aC ToS
[20:28:54.562] <Law> I'll contact a CSR
[20:28:58.655] <BoT[aC]OpZ(1)@Azeroth> ok
[20:29:00.358] <Law> and alert the TF's
[20:29:04.811] <SlamBliss@Azeroth> =D

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
FiftyToo
post Jul 21 2009, 10:20 PM
Post #20


Posting God
*****

Group: Sr. Members
Posts: 1,552
Joined: 28-September 06
From: Ohio
Member No.: 9,153



Personally, I agree with Fuhrer®. It doesn't matter if it all started from a misunderstanding, breaking the law is breaking the law. This website contains personally identifiable information about its members, and its against the law to obtain unauthorized access to this information. At the very least, this person should remain banned and any further actions should be reported to the authorities. Sensitive data should not be treated so lightly sad.gif

52


--------------------
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
The-Black-Ninja
post Jul 21 2009, 10:27 PM
Post #21


Pure Sex
********

Group: Moderators
Posts: 7,756
Joined: 13-August 06
Member No.: 7,372



No no, I'm saying like, while they have your shit hostage and stuff. Personally, I wouldn't be egging them on to do more damage, I'd wait until I get it back, THEN take some action.


--------------------
IPB Image

-My Plugins :: Thanks Pyro :)
IPB ImageIPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
NeonFlame
post Jul 21 2009, 10:44 PM
Post #22


I <3 Sam
***

Group: Sr. Members
Posts: 447
Joined: 24-February 07
From: Saskatchewan, Canada
Member No.: 19,322



I'm just happy it's all okay again. I would, however agree that letting people get away with things is the wrong way to go, but once again.. I can see where Ninja's coming from. It's just a very difficult situation to deal with well.

EDIT: As well, they make it sound like it's not a big deal to gain access to this information, but really, gaining access to anything personal that can relate to the real world.. that's a HUGE deal. It could compromise your entire life. So yeah, agreed 52.

This post has been edited by NeonFlame: Jul 21 2009, 10:46 PM


--------------------
IPB Image
<3 Hdx and his warden fix. ^^
пЄПŁąMε
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Stealth
post Jul 21 2009, 11:50 PM
Post #23


Administrator
*****

Group: Root Administrators
Posts: 2,760
Joined: 26-December 05
From: Milwaukee, Wisconsin USA
Member No.: 1



To be ballpark frank, three factors are in play:

1. I don't have time to deal with this and any subsequent attacks. I'd rather have aC on my side.
2. They gave everything back right away and without tampering with any of it. They were also more pleasant to deal with than many customer service representatives I've had to talk to.
3. My personal (non-StealthBot-affiliated) GMail account was compromised, intruding the whole mess into my personal life. Banking accounts are (were..) tied to that e-mail address.

At any rate, I have taken and will continue to take steps to increase security on my end, on the web host's end (no more LunarPages) and in general tightening the screws a little bit, to prevent any future sort of problem like this from developing. In short, since my personal GMail account was compromised (I think I was Sarah Palin'ed) all it took was a forgot password request to LunarPages to get the password to the hosting account, IN CLEAR TEXT since LP apparently does not encrypt them.


--------------------
Stealth
IPB Image | IPB Image

I don't provide tech support by PM. Please use our Technical Support forum for that.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
MusicDemon
post Jul 22 2009, 04:29 AM
Post #24


Troll Leader
*****

Group: Members
Posts: 880
Joined: 24-April 08
From: The Netherlands
Member No.: 36,321



I got only irritated because I had a few non-StealthBot-related questions.

I'm happy to hear that we're back, and nothing - so far - got harmed in a very bad way.


--------------------
Warden help needed? Click me! It are screenshots with explanation.
Administrator @ MusicDemon Productions
Moderator @ PingGnome's
Moderator @ PvPGN
StealthBot Wiki
IPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
nate
post Jul 22 2009, 07:18 AM
Post #25


Full Member
***

Group: Sr. Members
Posts: 741
Joined: 29-January 06
Member No.: 30



QUOTE(Stealth @ Jul 22 2009, 01:50 AM) *

To be ballpark frank, three factors are in play:

1. I don't have time to deal with this and any subsequent attacks. I'd rather have aC on my side.
2. They gave everything back right away and without tampering with any of it. They were also more pleasant to deal with than many customer service representatives I've had to talk to.
3. My personal (non-StealthBot-affiliated) GMail account was compromised, intruding the whole mess into my personal life. Banking accounts are (were..) tied to that e-mail address.

At any rate, I have taken and will continue to take steps to increase security on my end, on the web host's end (no more LunarPages) and in general tightening the screws a little bit, to prevent any future sort of problem like this from developing. In short, since my personal GMail account was compromised (I think I was Sarah Palin'ed) all it took was a forgot password request to LunarPages to get the password to the hosting account, IN CLEAR TEXT since LP apparently does not encrypt them.

QUOTE
Secret Question: Better than poop.?

I assume thats you. I sent you a PM.

This post has been edited by nate: Jul 22 2009, 07:23 AM
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Damned_Zerg
post Jul 22 2009, 09:00 AM
Post #26


<Insert Title Here>
*****

Group: Sr. Members
Posts: 1,539
Joined: 3-February 06
From: Canada
Member No.: 38



So when do we get revenge?


--------------------
IPB ImageIPB Image
IPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Ribose
post Jul 22 2009, 09:50 AM
Post #27


So, it's all about fame, huh?
*****

Group: Global Moderators
Posts: 2,950
Joined: 13-February 06
From: Connecticut, USA. (GMT -5:00)
Member No.: 74



He still has not provided this "aC ToS" so to me, it's complete made up bullshit.
He's just some script kiddie who found some good tools which he was able to use, is what it looks like.
This is obviously illegal, so all you just did was surrender...

Also, how in all hell does being banned from THIS FORUM limit your access to Battle.net??? For fucks sake, just get MirageBot or whatever the hell you want and go noob your way onto Battle.net through other means. This is certainly not the only Battle.net bot, and Hdx certainly is not hosting the only BNLS-protocol server.


--------------------
~Ribose
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
Eric
post Jul 22 2009, 11:15 AM
Post #28


The Causeless Cause
*****

Group: Root Administrators
Posts: 2,952
Joined: 26-December 05
Member No.: 2



QUOTE(Stealth @ Jul 21 2009, 10:50 PM) *

To be ballpark frank, three factors are in play:

1. I don't have time to deal with this and any subsequent attacks. I'd rather have aC on my side.
2. They gave everything back right away and without tampering with any of it. They were also more pleasant to deal with than many customer service representatives I've had to talk to.
3. My personal (non-StealthBot-affiliated) GMail account was compromised, intruding the whole mess into my personal life. Banking accounts are (were..) tied to that e-mail address.

At any rate, I have taken and will continue to take steps to increase security on my end, on the web host's end (no more LunarPages) and in general tightening the screws a little bit, to prevent any future sort of problem like this from developing. In short, since my personal GMail account was compromised (I think I was Sarah Palin'ed) all it took was a forgot password request to LunarPages to get the password to the hosting account, IN CLEAR TEXT since LP apparently does not encrypt them.

The problem though extends far beyond just you. It is a common tactic of aC (as well as other malicious Battle.net clans) to use website forum databases obtained in any of a variety of ways to grab the md5/sha1s of the users and then brute them so as to find out their passwords for Battle.net accounts, financial information, etc. This is of course why you should use a series of differing passwords, one set for financial, one set for personal, etc.

Older versions of IPB stored these passwords using an unsalted MD5, which is carried over into our boards in the form of the legacy_password field of the ibf_members table. This field was filled in with the signup password for all members with ids <= 8760. These members are now all at risk and should most definitely change the password on anything related. Those with ids higher than this are subject to the increased security standards imposed by the newer IPB and while they should change their passwords as well, it is not necessary. We also now have all had our e-mail addresses exposed to those with poor intentions, allowing for an attack similar in manner as to what happened to Sarah Palin.
User is offlineProfile CardPM
Go to the top of the page
+Quote Post
SlamBliss
post Jul 22 2009, 11:59 AM
Post #29


I am the law.
***

Group: Moderators
Posts: 338
Joined: 12-February 06
From: Rochester, NY
Member No.: 70



I'm not really happy with how this was handled. What they did is a crime, plain and simple. With the possible passwords of the first 8000 members they could stand to take quite a bit if people were not prudent in security. I am not worried because I never keep any type of currency in relation to the internet, but it does not make me feel any better about having to change my password to the things that are important to me.

Bottom line: They are not above the law, and letting this simply "go" is ridiculous.

They really didn't send you $1,000, did they? It was a joke, right? If they actually did and you accept this appeasement then you are just as bad, or worse. That's like a bribe. But I digress, I have no right to call you out on anything. He was joking anyway, I think, because people don't just simply give out $1,000 unless they are trying to bribe someone.


--------------------
QUOTE("aC Internet Tough Guys")
[20:28:49.579] <BoT[aC]OpZ(1)@Azeroth> SlamBliss
[20:28:53.266] <BoT[aC]OpZ(1)@Azeroth> you are in violation of aC ToS
[20:28:54.562] <Law> I'll contact a CSR
[20:28:58.655] <BoT[aC]OpZ(1)@Azeroth> ok
[20:29:00.358] <Law> and alert the TF's
[20:29:04.811] <SlamBliss@Azeroth> =D

User is offlineProfile CardPM
Go to the top of the page
+Quote Post
The-Black-Ninja
post Jul 22 2009, 12:57 PM
Post #30


Pure Sex
********

Group: Moderators
Posts: 7,756
Joined: 13-August 06
Member No.: 7,372



All my passwords to anything I care about have been changed to ones that are; over 20 characters long, contain caps and lowercase, numbers, spaces, underscores, etc. Good thing I never do online banking or anything financial like eBay smile.gif


--------------------
IPB Image

-My Plugins :: Thanks Pyro :)
IPB ImageIPB Image
User is offlineProfile CardPM
Go to the top of the page
+Quote Post

4 Pages V  1 2 3 > » 
Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 24th October 2014 - 05:17 AM
Skin by Andrea
Website Legal Information | Hosted by LunarPages