Pages: [1] :: one page |
|
Author |
Thread Statistics | Show CCP posts - 1 post(s) |
Suitonia
Gallente Genos Occidere HYDRA RELOADED
|
Posted - 2011.04.11 17:37:00 -
[1]
The Scrapheap Challenge DB has been compromised because of Calmdown's terrible security questions and apparently all the passwords were saved in an unhashed format. If you have reused your Scrapheap Challenge password for any other website, your eve account, email or bank account then you should absolutely change them right away.
---
|
Ranger 1
Amarr Paragon Fury Cascade Imminent
|
Posted - 2011.04.11 18:34:00 -
[2]
Edited by: Ranger 1 on 11/04/2011 18:34:49
Interesting.
It appears to be a "declare war on EVE related forums" day.
Puts a slightly different light on CCP's forum woe's. ===== The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Othran
Brutor Tribe
|
Posted - 2011.04.11 18:36:00 -
[3]
Originally by: Suitonia The Scrapheap Challenge DB has been compromised because of Calmdown's terrible security questions and apparently all the passwords were saved in an unhashed format. If you have reused your Scrapheap Challenge password for any other website, your eve account, email or bank account then you should absolutely change them right away.
Not trolling you here but have you not sussed SHC before now? Really?
|
Ranger 1
Amarr Paragon Fury Cascade Imminent
|
Posted - 2011.04.11 19:13:00 -
[4]
This appears to be "Banned Botter Retaliation Day" part two.
===== The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Ix Forres
Caldari Righteous Chaps
|
Posted - 2011.04.11 19:19:00 -
[5]
Originally by: Ranger 1 Puts a slightly different light on CCP's forum woe's.
Like hell it does. CCP is a 600-man organization with some very clever people working there (though not in the webcell, apparently). SHC was run by one dude who barely touched the site in years and who was not exactly particularly bright. CCP has no excuse other than gross incompetence on the part of some people working there and their managers. SHC, it's to be expected almost.
Also- the leak of passwords etc is alleged, there's yet to be any proof that it's actually been leaked or that passwords were in the clear. -- Ix Forres - Used to be a third party developer, now a full-time bittervet |
Liang Nuren
|
Posted - 2011.04.11 19:23:00 -
[6]
Mother ****er. I changed the wrong set of passwords. :sigh:
-Liang -- Eve Forum ***** Extraordinaire On Twitter
|
Ranger 1
Amarr Paragon Fury Cascade Imminent
|
Posted - 2011.04.11 19:44:00 -
[7]
Originally by: Ix Forres
Originally by: Ranger 1 Puts a slightly different light on CCP's forum woe's.
Like hell it does. CCP is a 600-man organization with some very clever people working there (though not in the webcell, apparently). SHC was run by one dude who barely touched the site in years and who was not exactly particularly bright. CCP has no excuse other than gross incompetence on the part of some people working there and their managers. SHC, it's to be expected almost.
Also- the leak of passwords etc is alleged, there's yet to be any proof that it's actually been leaked or that passwords were in the clear.
And yet SHC (and the forums software that he has used for years) has been brought down completely.
I don't disagree that a forum (new, old, out of the box, or custom built) should be able to withstand a concerted effort to bring it down. However, if you were here the first time we went through this you know that the botting community is very clever and very persistant. The brand new forums must have been a very tempting target.
I'm just saying that there is more to this than "if they had listened to me, they wouldn't be having these problems".
===== The world will not end in 2012, however there will be a serious nerf to Planetary Interaction. |
Emperor Cheney
Celebrity Sex Tape
|
Posted - 2011.04.11 22:22:00 -
[8]
bump. people should see this. should be stickied.
|
Sullen Skoung
|
Posted - 2011.04.11 22:33:00 -
[9]
Originally by: Emperor Cheney bump. people should see this. should be stickied.
somehow I doubt the CCP guys are gonna sticky a thread about another site
|
Emperor Cheney
Celebrity Sex Tape
|
Posted - 2011.04.11 22:44:00 -
[10]
Originally by: Sullen Skoung
Originally by: Emperor Cheney bump. people should see this. should be stickied.
somehow I doubt the CCP guys are gonna sticky a thread about another site
They might wish they did, if the rumors are true, and someone decides to start compromising hundreds of EVE accounts. I'm going to guess a good fraction of scrapheap users used the same pw on EVE. Not a knock on scrapheap, just a knock on human nature.
|
|
Suitonia
Gallente Genos Occidere HYDRA RELOADED
|
Posted - 2011.04.11 22:52:00 -
[11]
There was over 10,000 accounts on Scrapheap Challenge.com so it's not like it's a barely viewed website. Potential for quite a few hundred accounts to become compromised if people re-used their passwords. ---
|
syphurous
Gallente Center for Advanced Studies
|
Posted - 2011.04.11 22:52:00 -
[12]
People still stupid enough to use same username and password combos for multiple things, pretty much asking for it,.. Most people will read this thinking it's part of my post, when its actually my sig :P
|
Sullen Skoung
|
Posted - 2011.04.11 22:58:00 -
[13]
Edited by: Sullen Skoung on 11/04/2011 23:00:45
Originally by: Emperor Cheney
Originally by: Sullen Skoung
Originally by: Emperor Cheney bump. people should see this. should be stickied.
somehow I doubt the CCP guys are gonna sticky a thread about another site
They might wish they did, if the rumors are true, and someone decides to start compromising hundreds of EVE accounts. I'm going to guess a good fraction of scrapheap users used the same pw on EVE. Not a knock on scrapheap, just a knock on human nature.
I think theyd chalk it up to ppl being stupid, cause thats what you have to be to know what the security is like on SHC and then STILL use the same login there as here
and stupid falls in the realm of the user's ****up not the game company's ****up
|
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.11 23:01:00 -
[14]
Let's see...
Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ? LOL. _
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST ! "New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Shar Tegral
|
Posted - 2011.04.11 23:32:00 -
[15]
Originally by: Akita T Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ?
My very rare but extra special: ^^^^ This.
Wealth, howsoever got, in Eve makes Lords of morons and gentlemen of thieves; Aptitude and intellect are needless here; 'Tis impudence and money that grants fame. |
Marlenus
Ironfleet Towing And Salvage
|
Posted - 2011.04.12 00:52:00 -
[16]
I can't believe I'm "THIS"-ing an AkitaT post, but I am. Seriously. How many alliance forum databases go to the great hacker paradise in the sky? Eventually, all of them.
You just don't use the same info for 3rd-party EVE websites as your account info. YOU JUST DON'T. ------------------ Ironfleet.com |
Suitonia
Gallente Genos Occidere HYDRA RELOADED
|
Posted - 2011.04.12 00:55:00 -
[17]
Originally by: Akita T Let's see...
Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ? LOL.
Cannot be not-empty quoted enough. I really recommend using a good password generator. Unfortunately not everyone has the patience to re-use multiple passwords/emails or install software which makes it easy and as such, there is a possibility for them to become compromised, just giving those people the heads-up. ---
|
Jon Taggart
State War Academy
|
Posted - 2011.04.12 00:57:00 -
[18]
Edited by: Jon Taggart on 12/04/2011 00:56:53
Originally by: Suitonia
Originally by: Akita T Let's see...
Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ? LOL.
Cannot be not-empty quoted enough. I really recommend using a good password generator. Unfortunately not everyone has the patience to re-use multiple passwords/emails or install software which makes it easy and as such, there is a possibility for them to become compromised, just giving those people the heads-up.
I should be safe. I always use Lexington69 as my username and 135790 as my password for nearly everything I use.
Edit - Oh crap.
I'm not an alt |
Akita T
Caldari Navy Volunteer Task Force
|
Posted - 2011.04.12 01:05:00 -
[19]
Originally by: Jon Taggart I should be safe. I always use Hunter00 as my username and 12345 as my password for nearly everything I use. Edit - Oh crap.
I only see ******** and ***** ?
_
CCP LEADERSHIP MENTALITY NEEDS TO CHANGE FAST ! "New junky features sell, old polished content doesn't" ? KILL IT WITH FIRE. |
Q Command
|
Posted - 2011.04.12 04:57:00 -
[20]
I think I would be more concerned about how CCP handles credit card information.
It is fairly obvious that their attitude towards security warrants the concern. Couple that with the questionable hiring practices and you have a nice recipe for disaster.
It isn't like 'goons' aren't known for their scamming.....
|
|
Deviana Sevidon
Gallente Panta-Rhei Butterfly Effect Alliance
|
Posted - 2011.04.12 06:29:00 -
[21]
I use 1234 as a code for my coffer and for everything else. Anything wrong with that?
Quote: Disclaimer: All mentioned above contains my opinion and is therefore an absolute truth (for me anyway, my universe, muhahaha.....ok, done
|
Mal Darkrunner
Caldari Zero Tau Research Institute
|
Posted - 2011.04.12 07:39:00 -
[22]
Originally by: Akita T Let's see...
Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ? LOL.
QFT
|
Alpheias
Euphoria Released
|
Posted - 2011.04.12 08:04:00 -
[23]
Originally by: Mal Darkrunner
Originally by: Akita T Let's see...
Different account name ? Check. Different password ? Check. Different registration e-mail ? Check.
What, did you expect me to use even a single one of the relevant bits on a 3rd party site ? LOL.
QFT
Amazing how it is still something you have to almost educate people about.
♫ When your ship gets blown to bits ♫ And you lose your Faction fits \☻/ Don't worry ♪ ♫ ♪ ♫ ♫ ♪ ♫ ♪ Be Happy \☻/ |
Plave Okice
Krazny Oktyabr Revolyutsiya Yezhovshchina
|
Posted - 2011.04.12 08:08:00 -
[24]
Originally by: Suitonia apparently all the passwords were saved in an unhashed format
Not true, phpbb passwords are hashed with http://www.openwall.com/phpass/
|
|
CCP Wrangler
|
Posted - 2011.04.12 13:02:00 -
[25]
Please check out this thread for more information. You're also welcome to continue the discussion in that thread.
Wrangler Senior Community Manager CCP Hf, EVE Online Contact us
If it's stupid but works, it isn't stupid. |
|
|
|
|
Pages: [1] :: one page |
First page | Previous page | Next page | Last page |