Jump to content

- - - - -

Dec 13Th Incident - Official Response


328 replies to this topic

#321 Voideka

    Rookie

  • Ace Of Spades
  • 1 posts

Posted 05 January 2013 - 04:07 PM

Getting more spam email at my unique address. This is my first post and maybe my second login to the forums here, and that includes the initial log in on first registering an account. My profile here is devoid of any information, so a simple scrape or something wouldn't do it.

#322 Lon3Wo1f

    Member

  • PipPipPipPipPip
  • Legendary Founder
  • Legendary Founder
  • 156 posts
  • LocationUK

Posted 06 January 2013 - 12:50 PM

Can we please have some official update in response to what has happened? Clearly some email addresses were stolen / lifted from a database as there are a number of people posting that have had both the original spam at the time of the incident and have continued to receive spam. Despite this the original post still maintains that no email addresses were stolen.

The sort of uncertainty left by this is worrying because if my email address was stolen and you (PGI) claim otherwise then it makes me also question what you say about credit card information, passwords and other details you may hold. This really needs to be addressed officially for clarity at the very least.

#323 Inertiaman

    Member

  • PipPipPipPipPipPipPip
  • 865 posts

Posted 07 January 2013 - 06:39 AM

Even though I really want some more mechbays - I wouldn't put my card details within 100 miles of this site now. I though the original response to this shameful, and nothing has been done to alleviate that pov.

#324 PerfectTommy

    Member

  • PipPipPipPipPip
  • FP Veteran - Beta 1
  • FP Veteran - Beta 1
  • 193 posts

Posted 07 January 2013 - 10:57 AM

I cannot fathom why there's no system to allow users to update e-mail addresses and passwords for their accounts.



-PT

#325 Inertiaman

    Member

  • PipPipPipPipPipPipPip
  • 865 posts

Posted 07 January 2013 - 11:32 AM

That tech is owned by the clans so will not be available until this summer.

#326 DragonsFire

    Member

  • PipPipPipPipPipPipPip
  • Wrath
  • Wrath
  • 655 posts

Posted 07 January 2013 - 12:12 PM

View PostLon3Wo1f, on 06 January 2013 - 12:50 PM, said:

Can we please have some official update in response to what has happened? Clearly some email addresses were stolen / lifted from a database as there are a number of people posting that have had both the original spam at the time of the incident and have continued to receive spam. Despite this the original post still maintains that no email addresses were stolen.

The sort of uncertainty left by this is worrying because if my email address was stolen and you (PGI) claim otherwise then it makes me also question what you say about credit card information, passwords and other details you may hold. This really needs to be addressed officially for clarity at the very least.


The official response was posted in the OP. The details of how to fix the Firefox related issue that cropped up as a result was listed on Page 17 by KnightsOfOni.

Your credit card information is secure from this particular issue as it is handled by a third party source, not PGI.

Additionally, it has been seen that multiple forums across the internet running this particular software experienced the same issue, so this is not an isolated incident to just PGI,

All that being said, no system is immune to being compromised. If it were, security professionals would work themselves out of a job. My Blizzard account was hacked the other day. I haven't logged into it in 5+ months, unique e-mail, etc. Am I going to go rage a storm up and down at Blizzard for that? Why would I? It's certainly not their 'fault' because some hacker targeted my account.

In the same vein, why rage at PGI (other than for the pure joy that some seem to take in doing it) for the very nature of the internet which we all choose to partake in. Just as there is a risk with simply getting out of bed every day, there is an inherent risk with doing anything online, and that risk can be minimized, but never completely eliminated.

Edited by DragonsFire, 07 January 2013 - 12:13 PM.


#327 Bishop Steiner

    ForumWarrior

  • PipPipPipPipPipPipPipPipPipPipPipPipPipPipPip
  • The Hammer
  • The Hammer
  • 47,187 posts
  • Locationclimbing Mt Tryhard, one smoldering Meta-Mech corpse at a time

Posted 07 January 2013 - 12:13 PM

View PostKnights0fNi, on 24 December 2012 - 12:43 PM, said:

Ok, so I was also experiencing the issue where the warning continues to appear, and I believe I have fixed the problem. First of all, follow these instructions AT YOUR OWN RISK it doesn’t appear to have damaged my FF in any way but who knows? Second, I only did this about 10 minutes ago, so I am not %100 sure it fixed the problem. I'll come back and edit this if I see the warning again.

Also I am running Firefox 17.0.1 on Windows 7 64-bit, so if you dont have the same OS or version of FF I would be cautious about trying this, furthermore if you arent running Windows 7 or Vista the folders are going to be in alternate locations so you are going to have to fish about a bit to find your local profile. I'll post a list of probable locations for some different OS's at the bottom.

So, what I did, after a little research, and with the browser closed, was move all the files in the Firefox safebrowsing folder and allow the browser to repopulate the files after relaunching it. Firefox apparently stores its local cache of safe browsing information in:

C:\Users\[USERNAME]\AppData\Local\Mozilla\Firefox\Profiles\[RANDOM STRING].default\safebrowsing

This is only for Windows 7 and Vista and for the default profile. If you have multiple profiles on the machine, each will have its own profile in the Profiles folder. They will be called [RANDOM STRING].[PROFILE NAME]. Also please note that this location is within a hidden folder or two so if you don’t have hidden folders shown, you will need to go to Control Panel and then Folder Options, and then the View tab and select "Show hidden files, folders and drives" and uncheck "Hide protected operating system files (recommended)". You can put this back later if you wish.

I moved every file in the safebrowsing folder for the profile I am using to a different folder on my desktop (so I could put them back if there was a problem, I recommend you do the same thing) and then relaunched the browser. It then, eventually, rebuilt all the files, some right away and some after a period.

Firefox is supposed to update its safe browsing information periodically, and recheck with Google every time it delivers a warning, but this system can apparently go FUBAR and it will store lists of bad pages locally and continue to report on them without properly updating or re-consulting the online list. I suspect that it would have eventually gotten fixed when the browser did a random update, but wiping out the files in that folder seems to force the browser to download a new list.

Alternate OS folder locations are listed below, you are looking for the safebrowsing folder under each profile experiencing the problem. Also, I have not done this on any other OS and have NO IDEA what it may or may not do to your machine or even if the safebrowsing folder definitely exists under the same name in different OS's, its a good bet though. I got the following from digging around on the interwebs.
Profile folder is PROBABLY located:
XP:
C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\

OR I suspect

C:\Documents and Settings\[YOUR USERNAME]\Local Settings\Application Data\Mozilla\Firefox\Profiles\

In Linux and Unix:
~/.mozilla/firefox/profile
In MAC:
~/Library/Mozilla/Firefox/Profiles/<profile folder>
or
~/Library/Application Support/Firefox/Profiles/<profile folder>

Hope this helps.

[Edited for spelling, formatting, typos, etc.]

I just typed "safebrowsing" into my start-up search box, it listed a single item "Attack site". I opened it, saw it referred directly to a topic in MWO, and deleted it.

Restarted FF and seems to be clear now.

I tried using the tree you showed, but maybe due to version or whatnot, once I got to the "RANDOM STRING" bit, and opened the folder, there was no safebrowsing listed, just various caches.

So I went and tried what I posted, and found it. Dunno why my directory is odd that way. I am using Windows 7 64 bit and whatever FF version updated on 12-5-12

Regardless, the info you provided got me started, I prefer chromes speed anyhow, but it was annoying the crap outta me seeing that message on FF>

Edited by Bishop Steiner, 07 January 2013 - 12:15 PM.






1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users