Jump to content

- - - - -

Dec 13Th Incident - Official Response


328 replies to this topic

#101 xenoglyph

    Member

  • PipPipPipPipPipPipPipPip
  • 1,480 posts
  • LocationSan Diego

Posted 13 December 2012 - 07:34 PM

View PostTruePoindexter, on 13 December 2012 - 07:29 PM, said:

I have not receive the email. If the forum was compromised first I should have received it. Since I did not receive it and we know the forum was compromised afterwards I'm going to go with an external source of emails was found or whoever it was that did this simply pieced together functioning email addresses through deciphering what people post on the forums. Once someone was dumb enough to click the link and forfeit their login information it's child's play to then behave as a user and inject illicit code.


[Redacted] My email addresses (including one specifically for MWO) have no relation to my screen names or anything else on the forums. They couldn't be guessed. They were stolen somehow, that's already been established. What we, the people affected by this crime, would like to know is....how did it happen and what's the extent of the damage?

Edited by Niko Snow, 14 December 2012 - 12:59 AM.
CoC


#102 anonymous175

    Member

  • PipPipPipPipPipPipPipPip
  • Bad Company
  • 1,195 posts

Posted 13 December 2012 - 07:40 PM

Your bank accounts will be emptied out. Your loved ones sold into slavery. And you will be beaten half dead and buried in the cornfields in Iowa.

#103 TruePoindexter

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,605 posts
  • Facebook: Link
  • Location127.0.0.1

Posted 13 December 2012 - 07:43 PM

View Postxenoglyph, on 13 December 2012 - 07:34 PM, said:

[Redacted] My email addresses (including one specifically for MWO) have no relation to my screen names or anything else on the forums. They couldn't be guessed. They were stolen somehow, that's already been established. What we, the people affected by this crime, would like to know is....how did it happen and what's the extent of the damage?


My experience has taught me when a user gets defensive they have something to hide that they don't want to tell you. I'll write it off that you're simply indignant about the possibility of a different source being used to find your email.

The thing is that your email wasn't stolen from here. The only way that would have happened is if the forum DB were accessed and that is not the case. Your email was acquired somewhere else. Trial and error? Some other social site being compromised? You publishing it somewhere else and forgetting that you did so? Either way trying to set PGI on fire for it is like blaming the bank for getting robbed.

View PostZeno Scarborough, on 13 December 2012 - 07:40 PM, said:

Your bank accounts will be emptied out. Your loved ones sold into slavery. And you will be beaten half dead and buried in the cornfields in Iowa.

At least I'll have corn.

Edited by Niko Snow, 13 December 2012 - 09:34 PM.
Quote Clean-up (Sweet sweet corn)


#104 Damion Wolf

    Member

  • PipPipPipPipPipPip
  • Bad Company
  • Bad Company
  • 210 posts

Posted 13 December 2012 - 07:43 PM

View PostTer Ushaka, on 13 December 2012 - 04:33 PM, said:

To change password:
1. Log out
2. Go to log in
3. Click "forgot password."
4. Wait for email with further instructions.


Lol, logic win.

#105 Lin Shai

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,401 posts
  • Facebook: Link
  • LocationDenver, CO

Posted 13 December 2012 - 07:45 PM

View PostTruePoindexter, on 13 December 2012 - 07:31 PM, said:

I have not received the email. If the forum was compromised first I should have received it. Since I did not receive it and we know the forum was compromised afterwards I'm going to go with an external source of emails was found or whoever it was that did this simply pieced together functioning email addresses through deciphering what people post on the forums.


[Redacted]

Do you understand how email works? Your ISP may have dropped it entirely rather than delivering it to your 'spam' box based on the sending IP, their own anti-spam, or the fact that (looking at the headers) it isn't signed with DKIM or DomainKeys, nor even has a SPF record.

As for me "hating" PGI? Again, I'm curious about the head injury.

What I do hate is ignorance and incompetence (and deceit, though I'm really leaning toward incompetence).

Fact: This site was compromised and was serving malware.
Fact: At the same exact time, MWO users, including myself, who run their own domains and have specific-use email aliases (That, no ... you could't "Piece together from what I post") received the exact same spam email to those aliases which no not receive spam because they aren't used anywhere else.
Fact: PGI says, "Nothing happened, move along".

See, I don't have to make up possible ways things could have happened to wave away reality, I just look at what actually did happen.

But keep on keeping on defending a company for ... whatever reason it is you have to do so. Me? I'm going to go with "They got owned".

Edited by Niko Snow, 14 December 2012 - 12:59 AM.
CoC


#106 xenoglyph

    Member

  • PipPipPipPipPipPipPipPip
  • 1,480 posts
  • LocationSan Diego

Posted 13 December 2012 - 07:47 PM

View PostTruePoindexter, on 13 December 2012 - 07:31 PM, said:

Also it would be pretty clear if someone got into the DB as the logs would immediately reflect this. If someone had gotten access to the DB directly you can rest assured that any self respecting admin would force a universal password reset.


[Redacted] A site as large and busy as this, any log that they did have would be overwritten in like 5 minutes by normal usage. That's craziness, people don't configure their dbs that way.

Edited by Niko Snow, 14 December 2012 - 01:00 AM.
CoC


#107 anonymous175

    Member

  • PipPipPipPipPipPipPipPip
  • Bad Company
  • 1,195 posts

Posted 13 December 2012 - 07:49 PM

I hope they don't steal my Steiner banner.

#108 Lin Shai

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,401 posts
  • Facebook: Link
  • LocationDenver, CO

Posted 13 December 2012 - 07:49 PM

View Postxenoglyph, on 13 December 2012 - 07:34 PM, said:

[Redacted] My email addresses (including one specifically for MWO) have no relation to my screen names or anything else on the forums. They couldn't be guessed. They were stolen somehow, that's already been established. What we, the people affected by this crime, would like to know is....how did it happen and what's the extent of the damage?


To be fair, that's pretty much it. It's all the info they have. Just change your MWO password ::shrug:: It's unlikely there's a market for selling MWO accounts anyway.

Unfortunately you can't create another email alias to use because you can't change your MWO email address.

Edited by Niko Snow, 13 December 2012 - 09:39 PM.
Quote Clean-up


#109 TruePoindexter

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,605 posts
  • Facebook: Link
  • Location127.0.0.1

Posted 13 December 2012 - 07:59 PM

Wow... ok so try to correct/inform people and they glad handle/insult you. Awesome.

Carry on then. B)

#110 anonymous175

    Member

  • PipPipPipPipPipPipPipPip
  • Bad Company
  • 1,195 posts

Posted 13 December 2012 - 08:02 PM

View PostTruePoindexter, on 13 December 2012 - 07:59 PM, said:

Wow... ok so try to correct/inform people and they glad handle/insult you. Awesome.

Carry on then. B)

In either situation, if an attack seems imminent, stay calm and get ready to defend yourself. Balance your body in the classic boxer stance, standing and moving like a boxer. Face your opponent and raise your hands to protect your face and neck, keeping your elbows close to your body. Bend your knees, with one leg slightly forward, and spread your feet about the width of your shoulders.

When you're attacked, watch the guy's hands, not his face. You can react quicker to a swinging fist if you see the arm being cocked. If the guy has a knife, you will want to know that quickly and keep your eyes on it so you can react. Don't panic or you might freeze up.

And don't be afraid to yell for help -- it's not effeminate if you come out of it alive. Someone might come to your aid.

#111 Elddric

    Member

  • PipPip
  • 33 posts
  • LocationMD.US.North-America@Earth.Sol.Milkyway

Posted 13 December 2012 - 08:04 PM

View Postxenoglyph, on 13 December 2012 - 07:47 PM, said:


LOL, you call a guy out for not knowing anything about security..then you suggest they have a general log configured for the db? You know how silly that sounds, right? A site as large and busy as this, any log that they did have would be overwritten in like 5 minutes by normal usage. That's craziness, people don't configure their dbs that way.


Actually..... i work for a company that counters your statement .... we have logs from over 5000 terminals processing hundreds of transactions per second each that go back years. We run reports that span years to gather sales data. Db logs are better than you think.

If something was amiss we would all be askd to reset.

#112 Irreverence

    Member

  • PipPipPipPipPipPipPip
  • 777 posts
  • LocationFlorida

Posted 13 December 2012 - 08:05 PM

View PostZeno Scarborough, on 13 December 2012 - 08:02 PM, said:

When you're attacked, watch the guy's hands, not his face. You can react quicker to a swinging fist if you see the arm being cocked.

He'll just kick you.

#113 anonymous175

    Member

  • PipPipPipPipPipPipPipPip
  • Bad Company
  • 1,195 posts

Posted 13 December 2012 - 08:08 PM

View PostIrreverence, on 13 December 2012 - 08:05 PM, said:

He'll just kick you.

Then I hope you changed your password.

#114 Kahoumono

    Member

  • PipPipPipPipPipPip
  • 306 posts

Posted 13 December 2012 - 08:09 PM

Is it safe yet? I am going to keep a nerf blaster under my pillow just in case.

#115 Elddric

    Member

  • PipPip
  • 33 posts
  • LocationMD.US.North-America@Earth.Sol.Milkyway

Posted 13 December 2012 - 08:12 PM

I keep a marshmellow gun loaded next to my bed just in case.

#116 Azalie

    Member

  • PipPipPipPipPipPip
  • Ace Of Spades
  • Ace Of Spades
  • 341 posts
  • LocationThe Warp

Posted 13 December 2012 - 08:12 PM

I'm supposed to be watching my salt so I would appreciate it if my password were unsalted.

#117 Ascendent

    Member

  • PipPipPipPipPip
  • 189 posts

Posted 13 December 2012 - 08:14 PM

Thanks for keeping us informed.

#118 Lin Shai

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,401 posts
  • Facebook: Link
  • LocationDenver, CO

Posted 13 December 2012 - 08:27 PM

View PostElddric, on 13 December 2012 - 08:04 PM, said:

Actually..... i work for a company that counters your statement .... we have logs from over 5000 terminals processing hundreds of transactions per second each that go back years. We run reports that span years to gather sales data. Db logs are better than you think.


(5000 * ((100 x 60) * 60) * 24) = 43,200,000,000 transactions per day.

Now that's only 100 per second, rather than hundreds and if those were say .. just 50 bytes each (not much info there) ... you'd be talking 2,150,000,000,000 bytes, or a little over two terabytes of data a day. Even at the best case with the best compression algo (which isn't going to happen) you're still in the 125 gigabyte a day range, which means in a year you're at ... roughly 45 terabytes.

Realistically, lets say you're you're getting 8:1 compression rather than 16:1 (far more plausible) but we'll still stay with the tiny 50 bytes per transaction at 100 per second. That puts you at 90 Terabytes a year.

Where ya storing years of that where you can do analysis?

Just curious, because when you look at big data systems that can do that like TerraData, Hadoop, Greenplum, etc ... you also get replication (to provide fault tolerance) so you're in the half a Petabyte range, at least, which is a lot of nodes and is up there with some of the largest installs I'm aware of.

Where do you work? Sounds cool.

Edited by Lin Shai, 13 December 2012 - 08:40 PM.


#119 Iwaslost

    Member

  • PipPipPipPipPipPip
  • 236 posts

Posted 13 December 2012 - 08:30 PM

So quick Google search makes it seem that MWO players are not the only people getting that weird email.

#120 TruePoindexter

    Member

  • PipPipPipPipPipPipPipPipPip
  • 2,605 posts
  • Facebook: Link
  • Location127.0.0.1

Posted 13 December 2012 - 08:32 PM

View PostIwaslost, on 13 December 2012 - 08:30 PM, said:

So quick Google search makes it seem that MWO players are not the only people getting that weird email.


Funny how being right feels.





3 user(s) are reading this topic

0 members, 3 guests, 0 anonymous users