i promose im not just paranoid...

The geek forum. PHP, Perl, HTML, hardware questions etc.. it's all in here. Got a techie question? We'll sort you out. Ask your questions or post a link to your own site here!

i promose im not just paranoid...

Postby MxCake » Mon Dec 13, 2010 5:15 pm

Hey guys its your friendly neighborhood new guy :D this may be old news to the computer geeks here but i just wanted to make some what of a PSA thing here. for some unknown reason the world his making hackers angry XD there has been a lot of hackers doing what they do best and a bunch of sites from one company got hit. if you use one password for everything especially if you have online banking. really think about using different passwords for different sites or at least use a different one for your banking stuff.

I just don't want anything like this to happen to anyone here.

:)
[color="RoyalBlue"]"At the end of the game,The king and the pawn go back in the same box."-Italian proverb[/color]
[color="MediumTurquoise"]I will never fail you or forsake you.-Hebrews 13:5[/color]
User avatar
MxCake
 
Posts: 109
Joined: Thu Dec 09, 2010 11:33 am
Location: WA

Postby Midori » Mon Dec 13, 2010 5:24 pm

You're talking about the Gawker incident, right? The affected sites, according to Twitter, are Deadspin, Gawker, Gizmodo, io9, Jalopnik, Jezebel, Kotaku, and Lifehacker. If you have an account on these sites, be extra-careful.
User avatar
Midori
 
Posts: 1805
Joined: Mon Sep 12, 2005 6:43 pm
Location: Mingling with local sentients

Postby MxCake » Mon Dec 13, 2010 6:03 pm

yep that's the recent one but did you hear about amazon and another site i think i don't remember lol man its um scary stuff when you think about it.
[color="RoyalBlue"]"At the end of the game,The king and the pawn go back in the same box."-Italian proverb[/color]
[color="MediumTurquoise"]I will never fail you or forsake you.-Hebrews 13:5[/color]
User avatar
MxCake
 
Posts: 109
Joined: Thu Dec 09, 2010 11:33 am
Location: WA

Postby Midori » Mon Dec 13, 2010 6:07 pm

It's a pretty real danger people should take precautions against. But you probably don't need to worry about it much more than you worry about, say, a burglar breaking into your home. Using safe passwords and different passwords for different sites is a security measure akin to locking your house and car when you leave them.
User avatar
Midori
 
Posts: 1805
Joined: Mon Sep 12, 2005 6:43 pm
Location: Mingling with local sentients

Postby Rusty Claymore » Mon Dec 13, 2010 6:13 pm

You can't shoot internet trespassers... ▬_▬
Proverbs 31:32 "...when she watches anime, she keeps the room well lit and sits at a safe distance."
User avatar
Rusty Claymore
 
Posts: 1258
Joined: Sun Jan 03, 2010 2:18 pm
Location: Alaska

Postby ShiroiHikari » Mon Dec 13, 2010 7:00 pm

So what's this all about, now? Anyone have links to any information?
fightin' in the eighties
User avatar
ShiroiHikari
 
Posts: 7564
Joined: Wed May 28, 2003 12:00 pm
Location: Somewhere between 1983 and 1989

Postby MxCake » Mon Dec 13, 2010 7:35 pm

this is both the news cases in one
http://www.zippycart.com/ecommerce-news/1866-amazon-uk-goes-down-was-it-wikileaks-supporters.html


more in depth article and what you should do about gawker:
http://gadgetwise.blogs.nytimes.com/2010/12/13/gawker-passwords-hacked-what-you-should-do/?src=busln

and im not to worried about this happening specifically but i am worried about what they can do. this is not to much to be worried about like midori said use passwords use randomly generated ones if you have to and make your online banking password different and random. you can trust sites to keep your stuff safe anymore.
[color="RoyalBlue"]"At the end of the game,The king and the pawn go back in the same box."-Italian proverb[/color]
[color="MediumTurquoise"]I will never fail you or forsake you.-Hebrews 13:5[/color]
User avatar
MxCake
 
Posts: 109
Joined: Thu Dec 09, 2010 11:33 am
Location: WA

Postby mechana2015 » Mon Dec 13, 2010 7:52 pm

As far as I heard Amazon just got a minor DDoS attempt that really didn't do a whole lot.
Image

My Deviantart
"MOES. I can has Sane Sig now?"
User avatar
mechana2015
 
Posts: 5025
Joined: Wed Oct 22, 2003 12:33 am
Location: Orange County

Postby Nate » Mon Dec 13, 2010 7:56 pm

[quote="Rusty Claymore"]You can't shoot internet trespassers... ▬]
Oh to be able to actually respond to this.
Image

Ezekiel 23:20
User avatar
Nate
 
Posts: 10725
Joined: Thu Sep 02, 2004 12:00 pm
Location: Oh right, like anyone actually cares.

Postby Midori » Mon Dec 13, 2010 7:57 pm

I would not be personally devastated if any of my internet accounts was hijacked, except maybe my bank account. But even about that:
[quote="Matthew 6:19-21 (NIV)"]“]My heart is not in my bank account or my Twitter and CAA accounts.
User avatar
Midori
 
Posts: 1805
Joined: Mon Sep 12, 2005 6:43 pm
Location: Mingling with local sentients

Postby Rusty Claymore » Tue Dec 14, 2010 11:06 am

Nate wrote:Oh to be able to actually respond to this.
Never bring a debate to a gun fight. XD XD XD
Sorry, sorry, I always forget how touchy an issue it is and why I live in Alaska.

bOt, internet theft is a serious problem, since anyone can do it. 7 year olds can code viruses that write 0s to the entire hard drive. And the unfortuneate thing is: "Pics or it didn't happen" doesn't apply. ▬_▬
Proverbs 31:32 "...when she watches anime, she keeps the room well lit and sits at a safe distance."
User avatar
Rusty Claymore
 
Posts: 1258
Joined: Sun Jan 03, 2010 2:18 pm
Location: Alaska

Postby Dante » Sun Dec 19, 2010 3:00 pm

Mwah ha ha, the internet revolution shall finally begin, and hackers shall take over the WORLD! You know... starting with twitter. I actually don't use any of these sites, but thanks for the info, I'm thinking of building high level passwords and then storing them on some kind of external device that's disconnected from any kind of internet. It's times like this when a photographic memory would be REALLY useful.
FKA Pascal
User avatar
Dante
 
Posts: 1323
Joined: Thu Mar 04, 2004 8:24 pm
Location: Where-ever it is, it sure is hot!

Postby mechana2015 » Sun Dec 19, 2010 8:38 pm

Midori (post: 1443595) wrote:My heart is not in my bank account or my Twitter and CAA accounts.


Am I the only person that keeps their heart in their safety deposit box?

<.<

>.>
Image

My Deviantart
"MOES. I can has Sane Sig now?"
User avatar
mechana2015
 
Posts: 5025
Joined: Wed Oct 22, 2003 12:33 am
Location: Orange County

Postby Warrior4Christ » Tue Dec 21, 2010 3:37 am

Midori (post: 1443595) wrote:I would not be personally devastated if any of my internet accounts was hijacked, except maybe my bank account. But even about that:
My heart is not in my bank account or my Twitter and CAA accounts.

While that may be true, having someone steal your password gives them potential to do harm... and you can put a bit of effort in to minimise it on your part.

Email and bank accounts are the most important, and should have unique passwords (ie. don't reuse it elsewhere ever).

I've been reading about online security a bit lately, and some interesting articles I found:

An analysis of the common Gawker passwords: (contains some swear words)
http://www.duosecurity.com/blog/entry/brief_analysis_of_the_gawker_password_dump

http://www.wired.com/politics/security/commentary/securitymatters/2006/12/72300
http://www.codinghorror.com/blog/2008/06/please-give-us-your-email-password.html
http://www.codinghorror.com/blog/2007/05/phishing-the-forever-hack.html
http://www.codinghorror.com/blog/2005/08/passphrase-evangelism.html

And of course:
Image
Everywhere like such as, and MOES.

"Expect great things from God; attempt great things for God." - William Carey
User avatar
Warrior4Christ
 
Posts: 2045
Joined: Sat Aug 20, 2005 8:10 pm
Location: Carefully place an additional prawn on the barbecue

Postby Nate » Tue Dec 21, 2010 10:23 am

Image

I wish I could take all those jerks and morons and idiots who are all "HURP DURP IF YOU HATE XKCD SO MUCH WHY DON'T YOU JUST NOT READ IT" and point them here and say "SEE? SEE YOU MOUTH-BREATHING NECKBEARDS? THIS IS WHY. BECAUSE PEOPLE CONSTANTLY LINK ITS TERRIBLE MOCKERY OF EVERYTHING THAT IS GOOD AND RIGHT IN THIS WORLD EVERYWHERE YOU GO SO SHUT UP AND GO WATCH JAPANESE CARTOON PORN YOU PATHETIC WASTES OF HUMAN FLESH."

P.S. I mad.
Image

Ezekiel 23:20
User avatar
Nate
 
Posts: 10725
Joined: Thu Sep 02, 2004 12:00 pm
Location: Oh right, like anyone actually cares.

Postby Alcuinus » Tue Dec 21, 2010 10:44 am

*reads Nate's post twice to decipher its meaning*

whoa..... didn't see that coming O_o
User avatar
Alcuinus
 
Posts: 152
Joined: Mon Mar 08, 2010 12:12 pm
Location: Midwestern US

Postby Nate » Tue Dec 21, 2010 1:54 pm

I could rant more but that would take this thread horribly off-topic and it would turn into a huge debate so I'll just leave it at that.
Image

Ezekiel 23:20
User avatar
Nate
 
Posts: 10725
Joined: Thu Sep 02, 2004 12:00 pm
Location: Oh right, like anyone actually cares.

Postby blkmage » Tue Dec 21, 2010 2:52 pm

There are a few interesting things about the leak that I gathered.

The most obvious one is that weak passwords aren't only bad because people can guess them or crack them easily, but that if they aren't stored securely enough (and even if they are stored securely enough), if a leak like this ever happens, those will be the first to go. Imagine if every account had a unique password. Decrypting and reversing the hashes would've been much more difficult.

The other interesting thing is that Gawker basically failed at encryption, which is at least partially to blame. For instance, they used DES, which is now old and considered insecure. A funny thing it does is it truncates passwords to eight characters, so even if you had an awesome sixteen character super-secure password, if your first eight characters happened to be something hilariously common like 'password', the rest of your password didn't matter. That's not to mention salting or other fancy cryptographic techniques they didn't use.
User avatar
blkmage
 
Posts: 4529
Joined: Mon May 03, 2004 5:40 pm

Postby MxCake » Tue Dec 21, 2010 9:45 pm

yea but it was foolish for anyone to trust gawker or facebook like that and just use the same password over and over especially for an online bank
[color="RoyalBlue"]"At the end of the game,The king and the pawn go back in the same box."-Italian proverb[/color]
[color="MediumTurquoise"]I will never fail you or forsake you.-Hebrews 13:5[/color]
User avatar
MxCake
 
Posts: 109
Joined: Thu Dec 09, 2010 11:33 am
Location: WA

Postby Warrior4Christ » Wed Dec 22, 2010 12:58 am

MxCake (post: 1445684) wrote:yea but it was foolish for anyone to trust gawker or facebook like that and just use the same password over and over especially for an online bank

Indeed. However, facebook is unlikely to have been so careless about storing passwords.

Nate, I extracted zero meaning from your post.
Everywhere like such as, and MOES.

"Expect great things from God; attempt great things for God." - William Carey
User avatar
Warrior4Christ
 
Posts: 2045
Joined: Sat Aug 20, 2005 8:10 pm
Location: Carefully place an additional prawn on the barbecue

Postby blkmage » Wed Dec 22, 2010 8:08 am

People who use the same password aren't thinking about trusting people to store passwords. Rather, they have a different mindset when it comes to passwords, so they don't consider that things like this can happen. It's an entirely different mindset from security-conscious people.

And let's be realistic. I think it normal people should need to worry about that sort of thing because for the most part, they generally don't understand it. Why should the normal person have to worry about whether Gawker is salting their passwords or not? People don't need to worry if their house keys actually work for reals or not. Of course, I'm speaking idealistically, but the fact is that most security breaches are going to be because security is hard and people can't or won't put in the time to really understand it.
User avatar
blkmage
 
Posts: 4529
Joined: Mon May 03, 2004 5:40 pm

Postby MxCake » Wed Dec 22, 2010 1:29 pm

if your not thinking about putting trust into something your already putting trust into by not even caring lol.

and i think people should care a lot about it and i agree this is kinda like the AIDS thing only not so extreme and devastating i mean people are going around saying "it will never happen to me" and then they lose all there money because they get there password taken from facebook or what just happened with gawker. because thye used the same password over and over.
[color="RoyalBlue"]"At the end of the game,The king and the pawn go back in the same box."-Italian proverb[/color]
[color="MediumTurquoise"]I will never fail you or forsake you.-Hebrews 13:5[/color]
User avatar
MxCake
 
Posts: 109
Joined: Thu Dec 09, 2010 11:33 am
Location: WA

Postby blkmage » Wed Dec 22, 2010 2:24 pm

MxCake (post: 1445811) wrote:if your not thinking about putting trust into something your already putting trust into by not even caring lol.

and i think people should care a lot about it and i agree this is kinda like the AIDS thing only not so extreme and devastating i mean people are going around saying "it will never happen to me" and then they lose all there money because they get there password taken from facebook or what just happened with gawker. because thye used the same password over and over.

Please reproduce for me a mechanical drawing of each of your keys (house, car, etc.) and their locking mechanisms. Oh wait, you can't? So you're just going to trust that your keys are unique to your locks?
User avatar
blkmage
 
Posts: 4529
Joined: Mon May 03, 2004 5:40 pm

Postby ich1990 » Thu Dec 23, 2010 4:49 pm

Nate (post: 1445538) wrote:I wish I could take all those jerks and morons and idiots who are all "HURP DURP IF YOU HATE XKCD SO MUCH WHY DON'T YOU JUST NOT READ IT" and point them here and say "SEE? SEE YOU MOUTH-BREATHING NECKBEARDS? THIS IS WHY. BECAUSE PEOPLE CONSTANTLY LINK ITS TERRIBLE MOCKERY OF EVERYTHING THAT IS GOOD AND RIGHT IN THIS WORLD EVERYWHERE YOU GO SO SHUT UP AND GO WATCH JAPANESE CARTOON PORN YOU PATHETIC WASTES OF HUMAN FLESH."

P.S. I mad.
So quote something you like that is relevant instead. Quit trying to force the internet to censor itself for you. Doing so will just disappoint you and inspire you to produce more pointless internet angst. I think we can all agree that there is enough of that already.
Where an Eidolon, named night, on a black throne reigns upright.
User avatar
ich1990
 
Posts: 1546
Joined: Mon Apr 16, 2007 2:01 pm
Location: The Land of Sona-Nyl


Return to Computing and Links

Who is online

Users browsing this forum: No registered users and 24 guests