Security and Privacy Issue : May-2014

[Pat123]

This is certainly annoying and possibly dangerous. I appreciate the moderators and staff's efforts to fix this. It is certainly much more work than they were planning to do this month.

Most users have randomly-assigned IP addresses that is changed with each new start-up. This allows an IP to re-use the same addresses. Unless you intentionally set your connection so that a specific IP address is used, you may want to see if yours is non-random. This can be a sign your computer has been targeted. Your IP provider can help you check this and, if necessary, restore the random IP feature.

A simple trick one IP person told me was to set up a non-admin user on your computer and use it when surfing the web. A limited user is not able to install software, so if malware tries to latch on to you, it can't get a hold. At least, that is the theory. Of course, keep your anti-virus and anti-malware software going, too. You will have to use the admin user name when updating software, but then you'd be visiting trusted sites.

And, join with me in wishing all people who make this malware and virus software catch a painful incurable rash in an embarrassing location. ^_^

[sneaker]

As others have said before: IP addresses are worthless. If you torrent all the other peers see your IP. Every website you visit can see your IP. If I post a picture in this forum hosted on my server I will have your IP. It's not really much to worry about.

If you run Windows Vista or later most programs run with user rights because of the UAC anyways, but the use is very limited since most interesting stuff (personal documents, keylogging) happens in user space.

[SeijiSensei]

There's always Linux ....

[GHDpro]

Quote:

Originally Posted by SeijiSensei

There's always Linux ....

Indeed there is*

Really though, we could implement all the security you can imagine but what in these cases would be the number one thing that could help you avoid further trouble (beyond the site hacked in question) is never reuse your passwords and to make sure your passwords are fully random & not easily guessable. Password manages can help with that.

*) This news report is ~1 year old for those worried it being a new thing

[Guardian Enzo]

Thanks for sharing that - Ebay password changed...

[Flower]

Quote:

Originally Posted by SeijiSensei

There's always Linux ....

Darn ... I prefer Mint.

With Cinnamon preferably....

[Meomix]

I had to register a new account because as far as i'm concerned i was never going to get my old account back, email address recovery failed spectacularly.

[SPARTAN 119]

This is three times in a row now that I've had to reset my password. I haven't been keeping up with this thread since the first time we were hacked. Are there still security issues on this site?

[Solace]

Quote:

Originally Posted by Meomix

I had to register a new account because as far as i'm concerned i was never going to get my old account back, email address recovery failed spectacularly.

Contact an admin if you can't access your old account. Duplicate accounts are a bannable offense since the most common reason for creating another account is to circumvent an existing ban.

Quote:

Originally Posted by SPARTAN 119

Are there still security issues on this site?

The security issues were taken care of.

[sneaker]

Quote:

Originally Posted by SeijiSensei

There's always Linux ....

Linux distributions have the same root(=admin)/user problem as Windows: you can't change the system files as a simple user and that's about it.

[Meomix]

Quote:

Originally Posted by Solace

Contact an admin if you can't access your old account. Duplicate accounts are a bannable offense since the most common reason for creating another account is to circumvent an existing ban.



The security issues were taken care of.

Looks like you guys replied to the wrong account =_= i'll resend a request again.

[SeijiSensei]

Quote:

Originally Posted by GHDpro

Indeed there is*

I mentioned that event earlier. That hack also exploited a disused administrative login on a vBulletin site.

As for the notion that having your laptop stolen means losing private files, well of course it does. That's not the issue being discussed here, though. People were talking about malware infestations happening while using their own computers.

I've used Linux for nearly two decades now without any sort of antivirus or other types of protection. I've encountered malware exactly once, when the New York Times site was exploited to distribute the "Antivirus 2010" scam. That used Javascript and did not touch the machine's internals at all.

[sneaker]

Quote:

Originally Posted by SeijiSensei

As for the notion that having your laptop stolen means losing private files, well of course it does. That's not the issue being discussed here, though. People were talking about malware infestations happening while using their own computers.

That's also what I'm talking about. Typical malware does not need admin/root rights to do its work. User rights are perfectly sufficient to access/delete/encrypt all your private data(documents, videos, mails), monitor your activities (log passwords and browser history) and use your mic and webcam.

[Reverzer0]

Quote:

Originally Posted by Lefteris_D

Yeah, the news hit just today and considering most ebay users have the same password in their paypal (many people make paypal accounts to buy from ebay) you may want to be careful!

And no, paypal is save, only ebay got hacked.

Sorry for the hackers, i don't have an account in ebay & btw, this is only the site i member with the issue of being hacked.

[Liddo-kun]

I've just noticed..

Some people that I've recently befriended have been removed from my friends list. And some of the visitor message that I've posted on other's profiles (before the hack) has been removed. Maybe it's because Animesuki got "restored from backups? I guess the unfriending is a minor thing (simply sent friend requests again). Just want to let the mods know that it happened.

[Pellissier]

Quote:

Originally Posted by Liddo-kun

I've just noticed..

Some people that I've recently befriended have been removed from my friends list. And some of the visitor message that I've posted on other's profiles (before the hack) has been removed. Maybe it's because Animesuki got "restored from backups? I guess the unfriending is a minor thing (simply sent friend requests again). Just want to let the mods know that it happened.

Pms, vms, friendships, albums etc. got rolled back to April 28th. Any activity after that day (aside from posts) has been lost. So yes, unfortunately it's normal.

[ArabianLuffy]

It pisses me off when it happens. Attacking forums for no reason. I wanna kill those bastards.

[TheLuigi755]

Quote:

Originally Posted by Hiss13

Is there anything the hacker can probably do with the IP Addresses of the users? That's the one thing I'm worried about here...

Those worries should be eliminated with ZenMate and LastPass (you can get it for Chrome, ZenMate masks your real IP address, LastPass basically adds further encryption to your passwords and can also remember them). I first used ZenMate to get around geo-blocks, but now with this bullshit happening, I expect to use it on a daily basis.

[Guardian Enzo]

Quote:

Originally Posted by TheLuigi755

Those worries should be eliminated with ZenMate and LastPass (you can get it for Chrome, ZenMate masks your real IP address, LastPass basically adds further encryption to your passwords and can also remember them). I first used ZenMate to get around geo-blocks, but now with this bullshit happening, I expect to use it on a daily basis.

I've thought about using ZenMate (as an American living in Japan the appeal is obvious enough) but a lot of the more recent reviews seem to indicate that it's dramatically slowing the browsing experience, so I'm a little leery.

[Archon_Wing]

Oh, so all my PMs since then are gone? Pity, I never read them.

Not that I read them anyways. just saying