Page 1 of 1
i promose im not just paranoid...
PostPosted: Mon Dec 13, 2010 5:15 pm
by MxCake
Hey guys its your friendly neighborhood new guy
this may be old news to the computer geeks here but i just wanted to make some what of a PSA thing here. for some unknown reason the world his making hackers angry XD there has been a lot of hackers doing what they do best and a bunch of sites from one company got hit. if you use one password for everything especially if you have online banking. really think about using different passwords for different sites or at least use a different one for your banking stuff.
I just don't want anything like this to happen to anyone here.
PostPosted: Mon Dec 13, 2010 5:24 pm
by Midori
You're talking about the Gawker incident, right? The affected sites, according to Twitter, are Deadspin, Gawker, Gizmodo, io9, Jalopnik, Jezebel, Kotaku, and Lifehacker. If you have an account on these sites, be extra-careful.
PostPosted: Mon Dec 13, 2010 6:03 pm
by MxCake
yep that's the recent one but did you hear about amazon and another site i think i don't remember lol man its um scary stuff when you think about it.
PostPosted: Mon Dec 13, 2010 6:07 pm
by Midori
It's a pretty real danger people should take precautions against. But you probably don't need to worry about it much more than you worry about, say, a burglar breaking into your home. Using safe passwords and different passwords for different sites is a security measure akin to locking your house and car when you leave them.
PostPosted: Mon Dec 13, 2010 6:13 pm
by Rusty Claymore
You can't shoot internet trespassers... ▬_▬
PostPosted: Mon Dec 13, 2010 7:00 pm
by ShiroiHikari
So what's this all about, now? Anyone have links to any information?
PostPosted: Mon Dec 13, 2010 7:35 pm
by MxCake
this is both the news cases in one
http://www.zippycart.com/ecommerce-news/1866-amazon-uk-goes-down-was-it-wikileaks-supporters.htmlmore in depth article and what you should do about gawker:
http://gadgetwise.blogs.nytimes.com/2010/12/13/gawker-passwords-hacked-what-you-should-do/?src=buslnand im not to worried about this happening specifically but i am worried about what they can do. this is not to much to be worried about like midori said use passwords use randomly generated ones if you have to and make your online banking password different and random. you can trust sites to keep your stuff safe anymore.
PostPosted: Mon Dec 13, 2010 7:52 pm
by mechana2015
As far as I heard Amazon just got a minor DDoS attempt that really didn't do a whole lot.
PostPosted: Mon Dec 13, 2010 7:56 pm
by Nate
[quote="Rusty Claymore"]You can't shoot internet trespassers... ▬]
Oh to be able to actually respond to this.
PostPosted: Mon Dec 13, 2010 7:57 pm
by Midori
I would not be personally devastated if any of my internet accounts was hijacked, except maybe my bank account. But even about that:
[quote="Matthew 6:19-21 (NIV)"]“]My heart is not in my bank account or my Twitter and CAA accounts.
PostPosted: Tue Dec 14, 2010 11:06 am
by Rusty Claymore
Nate wrote:Oh to be able to actually respond to this.
Never bring a debate to a gun fight. XD XD XD
Sorry, sorry, I always forget how touchy an issue it is and why I live in Alaska.
bOt, internet theft is a serious problem, since anyone can do it. 7 year olds can code viruses that write 0s to the entire hard drive. And the unfortuneate thing is: "Pics or it didn't happen" doesn't apply. ▬_▬
PostPosted: Sun Dec 19, 2010 3:00 pm
by Dante
Mwah ha ha, the internet revolution shall finally begin, and hackers shall take over the WORLD! You know... starting with twitter. I actually don't use any of these sites, but thanks for the info, I'm thinking of building high level passwords and then storing them on some kind of external device that's disconnected from any kind of internet. It's times like this when a photographic memory would be REALLY useful.
PostPosted: Sun Dec 19, 2010 8:38 pm
by mechana2015
Midori (post: 1443595) wrote:My heart is not in my bank account or my Twitter and CAA accounts.
Am I the only person that keeps their heart in their safety deposit box?
<.<
>.>
PostPosted: Tue Dec 21, 2010 3:37 am
by Warrior4Christ
Midori (post: 1443595) wrote:I would not be personally devastated if any of my internet accounts was hijacked, except maybe my bank account. But even about that:
My heart is not in my bank account or my Twitter and CAA accounts.
While that may be true, having someone steal your password gives them potential to do harm... and you can put a bit of effort in to minimise it on your part.
Email and bank accounts are the most important, and should have unique passwords (ie. don't reuse it elsewhere ever).
I've been reading about online security a bit lately, and some interesting articles I found:
An analysis of the common Gawker passwords: (contains some swear words)
http://www.duosecurity.com/blog/entry/brief_analysis_of_the_gawker_password_dump
http://www.wired.com/politics/security/commentary/securitymatters/2006/12/72300
http://www.codinghorror.com/blog/2008/06/please-give-us-your-email-password.html
http://www.codinghorror.com/blog/2007/05/phishing-the-forever-hack.html
http://www.codinghorror.com/blog/2005/08/passphrase-evangelism.html
And of course:
PostPosted: Tue Dec 21, 2010 10:23 am
by Nate
I wish I could take all those jerks and morons and idiots who are all "HURP DURP IF YOU HATE XKCD SO MUCH WHY DON'T YOU JUST NOT READ IT" and point them here and say "SEE? SEE YOU MOUTH-BREATHING NECKBEARDS? THIS IS WHY. BECAUSE PEOPLE CONSTANTLY LINK ITS TERRIBLE MOCKERY OF EVERYTHING THAT IS GOOD AND RIGHT IN THIS WORLD EVERYWHERE YOU GO SO SHUT UP AND GO WATCH JAPANESE CARTOON PORN YOU PATHETIC WASTES OF HUMAN FLESH."
P.S. I mad.
PostPosted: Tue Dec 21, 2010 10:44 am
by Alcuinus
*reads Nate's post twice to decipher its meaning*
whoa..... didn't see that coming O_o
PostPosted: Tue Dec 21, 2010 1:54 pm
by Nate
I could rant more but that would take this thread horribly off-topic and it would turn into a huge debate so I'll just leave it at that.
PostPosted: Tue Dec 21, 2010 2:52 pm
by blkmage
There are a few interesting things about the leak that I gathered.
The most obvious one is that weak passwords aren't only bad because people can guess them or crack them easily, but that if they aren't stored securely enough (and even if they are stored securely enough), if a leak like this ever happens, those will be the first to go. Imagine if every account had a unique password. Decrypting and reversing the hashes would've been much more difficult.
The other interesting thing is that Gawker basically failed at encryption, which is at least partially to blame. For instance, they used DES, which is now old and considered insecure. A funny thing it does is it truncates passwords to eight characters, so even if you had an awesome sixteen character super-secure password, if your first eight characters happened to be something hilariously common like 'password', the rest of your password didn't matter. That's not to mention salting or other fancy cryptographic techniques they didn't use.
PostPosted: Tue Dec 21, 2010 9:45 pm
by MxCake
yea but it was foolish for anyone to trust gawker or facebook like that and just use the same password over and over especially for an online bank
PostPosted: Wed Dec 22, 2010 12:58 am
by Warrior4Christ
MxCake (post: 1445684) wrote:yea but it was foolish for anyone to trust gawker or facebook like that and just use the same password over and over especially for an online bank
Indeed. However, facebook is unlikely to have been so careless about storing passwords.
Nate, I extracted zero meaning from your post.
PostPosted: Wed Dec 22, 2010 8:08 am
by blkmage
People who use the same password aren't thinking about trusting people to store passwords. Rather, they have a different mindset when it comes to passwords, so they don't consider that things like this can happen. It's an entirely different mindset from security-conscious people.
And let's be realistic. I think it normal people should need to worry about that sort of thing because for the most part, they generally don't understand it. Why should the normal person have to worry about whether Gawker is salting their passwords or not? People don't need to worry if their house keys actually work for reals or not. Of course, I'm speaking idealistically, but the fact is that most security breaches are going to be because security is hard and people can't or won't put in the time to really understand it.
PostPosted: Wed Dec 22, 2010 1:29 pm
by MxCake
if your not thinking about putting trust into something your already putting trust into by not even caring lol.
and i think people should care a lot about it and i agree this is kinda like the AIDS thing only not so extreme and devastating i mean people are going around saying "it will never happen to me" and then they lose all there money because they get there password taken from facebook or what just happened with gawker. because thye used the same password over and over.
PostPosted: Wed Dec 22, 2010 2:24 pm
by blkmage
MxCake (post: 1445811) wrote:if your not thinking about putting trust into something your already putting trust into by not even caring lol.
and i think people should care a lot about it and i agree this is kinda like the AIDS thing only not so extreme and devastating i mean people are going around saying "it will never happen to me" and then they lose all there money because they get there password taken from facebook or what just happened with gawker. because thye used the same password over and over.
Please reproduce for me a mechanical drawing of each of your keys (house, car, etc.) and their locking mechanisms. Oh wait, you can't? So you're just going to trust that your keys are unique to your locks?
PostPosted: Thu Dec 23, 2010 4:49 pm
by ich1990
Nate (post: 1445538) wrote:I wish I could take all those jerks and morons and idiots who are all "HURP DURP IF YOU HATE XKCD SO MUCH WHY DON'T YOU JUST NOT READ IT" and point them here and say "SEE? SEE YOU MOUTH-BREATHING NECKBEARDS? THIS IS WHY. BECAUSE PEOPLE CONSTANTLY LINK ITS TERRIBLE MOCKERY OF EVERYTHING THAT IS GOOD AND RIGHT IN THIS WORLD EVERYWHERE YOU GO SO SHUT UP AND GO WATCH JAPANESE CARTOON PORN YOU PATHETIC WASTES OF HUMAN FLESH."
P.S. I mad.
So quote something you like that is relevant instead. Quit trying to force the internet to censor itself for you. Doing so will just disappoint you and inspire you to produce more pointless internet angst. I think we can all agree that there is enough of that already.