Pages: [1] 2 3 :: one page |
|
Author |
Thread Statistics | Show CCP posts - 1 post(s) |
|
CCP Fallout
|
Posted - 2009.09.23 11:59:00 -
[1]
CCP Ginger, the ISD Volunteer Manager, clues us in to some recent events of interest in his newest dev blog.
Fallout Associate Community Manager CCP Hf, EVE Online Contact us |
|
Tiberius Adama
Amarr Capital Banking and Investment
|
Posted - 2009.09.23 12:07:00 -
[2]
So can you provide information on what specifics they stole?
"EVE's volunteer program, were compromised which led to the theft of some volunteer program related data but also information about specific volunteers."
|
An Anarchyyt
Gallente Battlestars GoonSwarm
|
Posted - 2009.09.23 12:08:00 -
[3]
I like this new blog, it claims it is about what happens, but it completely ignores what actually happend.
Originally by: CCP Wrangler Second, a gentile is a non jewish person
|
|
Chribba
Otherworld Enterprises Otherworld Empire
|
Posted - 2009.09.23 12:09:00 -
[4]
Edited by: Chribba on 23/09/2009 12:09:51 nm, found the answer I think.
|
|
Mashie Saldana
BFG Tech
|
Posted - 2009.09.23 12:36:00 -
[5]
This blog could be replaced with a single line:
"We're sorry, something happened."
|
Jowen Datloran
Caldari Science and Trade Institute
|
Posted - 2009.09.23 12:39:00 -
[6]
I wonder if this blog will manage to generate at least one page of responses. ---------------- Mr. Science & Trade Institute
|
ArmyOfMe
The Athiest Syndicate Advocated Destruction
|
Posted - 2009.09.23 12:44:00 -
[7]
so what your saying is that something happend?
|
Taladool
|
Posted - 2009.09.23 12:46:00 -
[8]
Edited by: Taladool on 23/09/2009 12:49:10 CCP if your going to announce something, it makes more sense to, IDK, announce it... needless to say, we have no clue what it is your talking about.
EDIT: IDK WHAT THEY ARE TALKING ABOUT...
but I bet a member of ISD, went to one of those fake logon pages via e-mail and now there was an isk spammer out there with teal or green text lol....
|
Jadal McPieksu
|
Posted - 2009.09.23 12:56:00 -
[9]
Quote:
All players, particularly those who are or have been in the EVE Online volunteer program, should be aware that any e-mails sent from the @eve-crc.net domain are bogus and have been sent from someone pretending to be an official representative of CCP.
Guess based on this: Someone fell for a social engineering email designed to milk information/passwords/whatever...
Sadly no amount of policy or computer-based security will fix the weakest link - humans.
|
Shandas
Gallente Garoun Investment Bank
|
Posted - 2009.09.23 12:58:00 -
[10]
Edited by: Shandas on 23/09/2009 13:05:02 Edited by: Shandas on 23/09/2009 13:04:13
Originally by: Taladool Edited by: Taladool on 23/09/2009 12:49:10 CCP if your going to announce something, it makes more sense to, IDK, announce it... needless to say, we have no clue what it is your talking about.
EDIT: IDK WHAT THEY ARE TALKING ABOUT...
but I bet a member of ISD, went to one of those fake logon pages via e-mail and now there was an isk spammer out there with teal or green text lol....
Anyway, glad you find all this humorous, I don't in anyway. How would you feel if you were in the volunteer program and suddenly it was compromised? What if who ever that compromised it really did have access to a ISD account and started using it to steal other peoples accounts? What if you worked at CCP as a DEV and suddenly everyone in game knew your characters name and you started getting spammed?
There is a reason DEV'S and ISD stay anonomyous and this person might have potentially compromised that. There is not one thing funny about this and you shouldn't think it was funny.
I'm just glad they didn't get a hold of customer info and the like and it wasn't too serious.
|
|
Taladool
|
Posted - 2009.09.23 13:04:00 -
[11]
Originally by: Shandas
Originally by: Taladool Edited by: Taladool on 23/09/2009 12:49:10 CCP if your going to announce something, it makes more sense to, IDK, announce it... needless to say, we have no clue what it is your talking about.
EDIT: IDK WHAT THEY ARE TALKING ABOUT...
but I bet a member of ISD, went to one of those fake logon pages via e-mail and now there was an isk spammer out there with teal or green text lol....
Glad you find that humorous, I don't in anyway. How would you feel if you were in the volunteer program and suddenly it was compromised? What if who ever that compromised it really did have access to a ISD account and started using it to steal other peoples accounts? What if you worked at CCP as a DEV and suddenly everyone in game knew your characters name and you started getting spammed?
There is a reason DEV'S and ISD stay anonomyous and this person might have potentially compromised that. There is not one thing funny about this and you shouldn't think it was funny.
I'm just glad they didn't get a hold of customer info and the like and it wasn't too serious.
Mate, I don't think there is a list for all ISD to see which ISD member is which player in game, so you can forget being upset about that... 2nd, ISD members have no access to user accounts at all, and anyone dumb that sends there user name and pw to an ISD member is a moron too..
ISD are not devs, so thats not an issue. and if the ISD members in question fell for this, then thats there own stupid fault, though you would think they would be smart and not fall for phishing e-mails, this simply means that CCP needs to recruit smarter volunteers.
and yes I find it funny, and why shouldn't I, stupid ISD member falls for the same thing the stupid eve players do...
|
Shandas
Gallente Garoun Investment Bank
|
Posted - 2009.09.23 13:09:00 -
[12]
Originally by: Taladool
Originally by: Shandas
Originally by: Taladool Edited by: Taladool on 23/09/2009 12:49:10 CCP if your going to announce something, it makes more sense to, IDK, announce it... needless to say, we have no clue what it is your talking about.
EDIT: IDK WHAT THEY ARE TALKING ABOUT...
but I bet a member of ISD, went to one of those fake logon pages via e-mail and now there was an isk spammer out there with teal or green text lol....
Glad you find that humorous, I don't in anyway. How would you feel if you were in the volunteer program and suddenly it was compromised? What if who ever that compromised it really did have access to a ISD account and started using it to steal other peoples accounts? What if you worked at CCP as a DEV and suddenly everyone in game knew your characters name and you started getting spammed?
There is a reason DEV'S and ISD stay anonomyous and this person might have potentially compromised that. There is not one thing funny about this and you shouldn't think it was funny.
I'm just glad they didn't get a hold of customer info and the like and it wasn't too serious.
Mate, I don't think there is a list for all ISD to see which ISD member is which player in game, so you can forget being upset about that... 2nd, ISD members have no access to user accounts at all, and anyone dumb that sends there user name and pw to an ISD member is a moron too..
ISD are not devs, so thats not an issue. and if the ISD members in question fell for this, then thats there own stupid fault, though you would think they would be smart and not fall for phishing e-mails, this simply means that CCP needs to recruit smarter volunteers.
and yes I find it funny, and why shouldn't I, stupid ISD member falls for the same thing the stupid eve players do...
Whatever chuckles, glad you find it funny.
|
Herio Mortis
Caldari Dark Nebula Academy
|
Posted - 2009.09.23 13:18:00 -
[13]
Originally by: Jadal McPieksu
Guess based on this: Someone fell for a social engineering email designed to milk information/passwords/whatever...
Sadly no amount of policy or computer-based security will fix the weakest link - humans.
I beg the differ. This is exactly why you should use two-factor authentication system like say RSA SecureID.
Even if you would fall for a phishing attempt using such a system, the black hat could not use the credentials without actually having the physical token.
|
GuntiNDDS
|
Posted - 2009.09.23 13:28:00 -
[14]
ISD member fell for fake email and told the third party about how the ISD is sharing ip adress information from the devblog pages with shc and coldfront and filter them for visitors comming from kug forums. |
Gnulpie
Minmatar Miner Tech
|
Posted - 2009.09.23 13:29:00 -
[15]
What exactly happened? Which data were compromised?
I mean, okay, interesting to know that something happened. But if you say something, then best say something which contains a bit more info
But what does it mean for volunteer programs? Is CCP going to shut them down completely because they are to big a hole for the security? What if someone with bad/criminal intent gets into those volunteer programs? Is it worth the risk using volunteers?
|
011011100110100101100111
BACKUPLEGION
|
Posted - 2009.09.23 13:34:00 -
[16]
Originally by: An Anarchyyt I like this new blog, it claims it is about what happens, but it completely ignores what actually happend.
|
Vyktor Abyss
Gallente The Abyss Corporation
|
Posted - 2009.09.23 14:16:00 -
[17]
At least Chribba know what you're talking about it seems.
As for the rest of us, meh can't say I care...
Send an E-mail to the volunteers; there's no real need to blog about this to the whole eve community without any real details IMHO.
|
YunFu Yan
Yan Enterprises
|
Posted - 2009.09.23 14:19:00 -
[18]
Originally by: Gnulpie What if someone with bad/criminal intent gets into those volunteer programs? Is it worth the risk using volunteers?
Do you know how much volunteers are actually doing for the game? I can assure you that it'd be a great loss for all and every player if the ISD was shut down.
Even if you are not into EVE fiction and don't care about what's going on in EVE (M and IC Divisions), there is STAR and YARR. And don't forget about BH. Without them patches would be a lot more buggy than they are now. ------------------------------------------------- Yan Enterprises - We mean business. |
Zironi Rinha
Carebear Evolution DEFI4NT
|
Posted - 2009.09.23 14:24:00 -
[19]
one of the ISD's got a list off IP's which were connected to users on kugu's forums.
ISD then tries to cross reference those IP's with IP's on irc.coldfront.net and IP referrals to the devblogs from kugu's forums. ISD goes sneaky sneaky with personal information which is bad (not everyone in the world has a dynamic IP, and not all ISP's hide their clients data)
So any halfdecent nerd can look up addresses, RL names from people visiting kugu's forums.
I can honestly say.
Burn the ISD, Burn em to the ground! If they spend time going all "oooh those people visit kugu" then they could have spend that time writing newsworthy reports, which hardly happens.
Sooo... Burn them all!
This devblog contains less usefull information then a post about several world leaders being spotted in a furry orgy.
|
011011100110100101100111
BACKUPLEGION
|
Posted - 2009.09.23 14:48:00 -
[20]
So CCP why exactly do unpaid volunteers have access to this sort of data (server access logs)? It might not be linkable to EVE account details / billing details but the fact it's given to people you don't even employ takes the ****.
|
|
Frug
Repo Industries
|
Posted - 2009.09.23 15:11:00 -
[21]
Originally by: 011011100110100101100111
So CCP why exactly do unpaid volunteers have access to this sort of data (server access logs)?
That's very strange. I must have missed the part of the blog where they talk about server access logs.
- - - - - - - - - Do not use dotted lines - - - - - - If you think I'm awesome say BOOO BOOO!! - Ductoris Neat look what I found - Kreul Whisper/PrismX 4 emperor |
011011100110100101100111
BACKUPLEGION
|
Posted - 2009.09.23 15:12:00 -
[22]
Originally by: Frug
Originally by: 011011100110100101100111
So CCP why exactly do unpaid volunteers have access to this sort of data (server access logs)?
That's very strange. I must have missed the part of the blog where they talk about server access logs.
Probably because theres no actual information in the blog
|
Lady Lard
GoonSwarm
|
Posted - 2009.09.23 15:29:00 -
[23]
I, too, am wondering if volunteers got access to information they shouldn't have access to and why they do if they do? |
Jimmae
|
Posted - 2009.09.23 15:33:00 -
[24]
Originally by: Zironi Rinha Edited by: Zironi Rinha on 23/09/2009 14:26:05 one of the ISD's got a list off IP's which were connected to users on kugu's forums.
ISD then tries to cross reference those IP's with IP's on irc.coldfront.net and IP referrals to the devblogs from kugu's forums. ISD goes sneaky sneaky with personal information which is bad (not everyone in the world has a dynamic IP, and not all ISP's hide their clients data)
So any halfdecent nerd can look up addresses, RL names from people visiting kugu's forums.
I can honestly say.
Burn the ISD, Burn em to the ground! If they spend time going all "oooh those people visit kugu" then they could have spend that time writing newsworthy reports, which hardly happens.
Sooo... Burn them all!
This devblog contains less usefull information then a post about several world leaders being spotted in a furry orgy. And atleast that would be entertaining, and not against several EULA's.
Can we get the pek n feathers? Or is there going to be a large IA response with some actual information.
Oh and please nerf this post, shows how useless IA actualy is and how thightly CCP keeps their **** in check. Worse then politicans i say, much worse!
This is either irony or the biggest pile of bull**** I've ever read.
|
Quinn Foute
|
Posted - 2009.09.23 15:40:00 -
[25]
it is the truth. go to the forbidden website if you want to know more. i quoted the isd email here, but the post got deleted and i got forum warning by email. |
Kile Kitmoore
|
Posted - 2009.09.23 15:41:00 -
[26]
If you are scratching your head wondering what is ISD you can find your answers here: http://www.eveonline.com/isd.asp?sid=241245467
So please, just a bit more respect for these folks. Personally, I hope they find the culprit/s and they live in a country where law enforcement can reach them. The ISD folks do some great work and hope this doesn't effect their participation or hard work.
This should also be a warning shot over the bow however. We have COSMOS and the new in-game browser coming online so I hope CCP is making security job #1 (wait, didn't Microsoft try that…???).
|
Nepech Al'akir
Amarr The Collective Against ALL Authorities
|
Posted - 2009.09.23 16:01:00 -
[27]
Originally by: Jimmae
Originally by: Zironi Rinha Edited by: Zironi Rinha on 23/09/2009 14:26:05 one of the ISD's got a list off IP's which were connected to users on kugu's forums.
ISD then tries to cross reference those IP's with IP's on irc.coldfront.net and IP referrals to the devblogs from kugu's forums. ISD goes sneaky sneaky with personal information which is bad (not everyone in the world has a dynamic IP, and not all ISP's hide their clients data)
So any halfdecent nerd can look up addresses, RL names from people visiting kugu's forums.
I can honestly say.
Burn the ISD, Burn em to the ground! If they spend time going all "oooh those people visit kugu" then they could have spend that time writing newsworthy reports, which hardly happens.
Sooo... Burn them all!
This devblog contains less usefull information then a post about several world leaders being spotted in a furry orgy. And atleast that would be entertaining, and not against several EULA's.
Can we get the pek n feathers? Or is there going to be a large IA response with some actual information.
Oh and please nerf this post, shows how useless IA actualy is and how thightly CCP keeps their **** in check. Worse then politicans i say, much worse!
This is either irony or the biggest pile of bull**** I've ever read.
Its the truth.
More details; http://www.battledb.com/2009/09/21/breaking-news-shc-isd-violating-coldfront-users-privacy/
Post in assembly hall http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1183260&page=1
|
Avon
Caldari Black Nova Corp IT Alliance
|
Posted - 2009.09.23 17:02:00 -
[28]
Originally by: Nepech Al'akir
Its the truth.
More details; http://www.battledb.com/2009/09/21/breaking-news-shc-isd-violating-coldfront-users-privacy/
Post in assembly hall http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1183260&page=1
The "truth" isn't going to be found by reading one side of a story. How was that information obtained? How recent is it?
If it is a leak from a private email between two individuals then maybe the concern is not so much the content but rather the fact that someone accessed it (assuming the sender or receiver didn't leak it). In that light, a crusade against omginternetabuse is a little ironic.
アニメ漫画です
|
Zironi Rinha
Carebear Evolution DEFI4NT
|
Posted - 2009.09.23 17:43:00 -
[29]
Originally by: Avon
Originally by: Nepech Al'akir
Its the truth.
More details; http://www.battledb.com/2009/09/21/breaking-news-shc-isd-violating-coldfront-users-privacy/
Post in assembly hall http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1183260&page=1
The "truth" isn't going to be found by reading one side of a story. How was that information obtained? How recent is it?
If it is a leak from a private email between two individuals then maybe the concern is not so much the content but rather the fact that someone accessed it (assuming the sender or receiver didn't leak it). In that light, a crusade against omginternetabuse is a little ironic.
Im probably going to get nerfed for this...
Google for a bit for Kugu.com, and you'll find it. As the full link is nicely blocked by CCP's filter.
Very recent. The mail actualy ended up on SHC, god knows how it got there as it was pretty much instantly deleted. Not sure how it was obtained, but it was defenatly not supposed to be obtained by the people that got it. Im assuming some smartass ISD posted a picture on his own host and then tracked all the people that loaded the picture, same way as they track referrals from kugu to the devblogs. ISD member then went to another ISD member with it. ISD/DEV member happens to own Coldfront so can cross reference IP's SHC is ran by a ISD/DEV peoplez, so can cross reference IP's.
The real core question is. WTF is ISD doing with the IP's from the people that visit kugu? And why in hell do they need them?
And most importantly, when can we lynch the people in question? Or are they being lynched for us. Even though id love to participate.
I knew CCP had no control over what SHC and Coldfront do, but seeing they are ran by ISD/Devs, their volounteers/employees pretty much own it. If my knowledge is correct, the people that run both services have become devs over the past few years.
So yea, pek n feathers, wheres my pitchfork n torch. WITCHHUNT! Just like they are hunting us, we should hunt them.
PROUD **********.com reader! (and my frikkin IP is on that list, so i have extra reasons to be mad about this HORRIBLE screwup as its a direct infraction of privacy.)
|
Steve Thomas
|
Posted - 2009.09.23 17:57:00 -
[30]
Originally by: Zironi Rinha
Originally by: Avon
Originally by: Nepech Al'akir
Its the truth.
More details; http://www.battledb.com/2009/09/21/breaking-news-shc-isd-violating-coldfront-users-privacy/
Post in assembly hall http://www.eveonline.com/ingameboard.asp?a=topic&threadID=1183260&page=1
The "truth" isn't going to be found by reading one side of a story. How was that information obtained? How recent is it?
If it is a leak from a private email between two individuals then maybe the concern is not so much the content but rather the fact that someone accessed it (assuming the sender or receiver didn't leak it). In that light, a crusade against omginternetabuse is a little ironic.
Im probably going to get nerfed for this...
Google for a bit for Kugu.com, and you'll find it. As the full link is nicely blocked by CCP's filter.
Very recent. The mail actualy ended up on SHC, god knows how it got there as it was pretty much instantly deleted. Not sure how it was obtained, but it was defenatly not supposed to be obtained by the people that got it. Im assuming some smartass ISD posted a picture on his own host and then tracked all the people that loaded the picture, same way as they track referrals from kugu to the devblogs. ISD member then went to another ISD member with it. ISD/DEV member happens to own Coldfront so can cross reference IP's SHC is ran by a ISD/DEV peoplez, so can cross reference IP's.
The real core question is. WTF is ISD doing with the IP's from the people that visit kugu? And why in hell do they need them?
And most importantly, when can we lynch the people in question? Or are they being lynched for us. Even though id love to participate.
I knew CCP had no control over what SHC and Coldfront do, but seeing they are ran by ISD/Devs, their volounteers/employees pretty much own it. If my knowledge is correct, the people that run both services have become devs over the past few years.
So yea, pek n feathers, wheres my pitchfork n torch. WITCHHUNT! Just like they are hunting us, we should hunt them.
PROUD **********.com reader! (and my frikkin IP is on that list, so i have extra reasons to be mad about this HORRIBLE screwup as its a direct infraction of privacy.)
*.* *.* *.* *.* *.* *.* *.* *.*
Stop freaking worrying about why things the developers did 5 years and more ago no longer make sense. |
|
|
|
|
Pages: [1] 2 3 :: one page |
First page | Previous page | Next page | Last page |