| Pages: 1 [2] 3 :: one page |
|
|
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
TeaDaze
Agony Unleashed
Agony Empire
   |
Posted - 2009.11.30 12:21:00 -
[31]
Simple precautions to take with your account.
- Don't have a character name as the account name
- Don't use a dictionary word as the password
- Don't download strange things promising pronography
- Keep your machine patched and antivirus up to date
- Use flashblock and noscript to reduce (not 100% eliminate) the chances of getting hacked via flash or scripting exploits.
- Don't use your account name and password on any other website, application or reply with those details to any email pretending to be from CCP. They know your password already so don't need to ask for it by email etc
It isn't rocket science...
Vote TeaDaze for CSM #4
|
floggar
|
Posted - 2009.11.30 12:27:00 -
[32]
Edited by: floggar on 30/11/2009 12:28:57
 Originally by: Alex Raptos
Originally by: floggar
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
Considering all the possible methods for a "hacker" to obtain your username and password, i will have to answer Yes to that question.
The only ways to get hacked ultimately come down to end-user stupidity. Either they use the same Username and Password for everything, and another service they use gets infiltrated (Corp website). They visit a dodgy website through either intent (Buying isk/other services) or blind stupidity (Phishing emails). They then proceed to give said website their details not making sure it is a legitimate website, or allow said website to run a script or save an executable (Most commonly a duped Flash Player)
At the end of the Day, the user is compromising their own computer by being a stupid end-user. So yes, they bring it on themselves.
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
|
Tiny Tove
|
Posted - 2009.11.30 12:31:00 -
[33]
Edited by: Tiny Tove on 30/11/2009 12:31:05
Originally by: Alex Raptos
The only ways to get hacked ultimately come down to end-user stupidity.
There but for the grace of God go you then. Because in the grand reckoning, in answer to whether you got hacked or not, you can only ever truthfully say "Yes" or "I don't know". |
Zartanic
Red Federation
|
Posted - 2009.11.30 12:33:00 -
[34]
Edited by: Zartanic on 30/11/2009 12:35:26
Originally by: floggar
Originally by: Zartanic
Originally by: floggar
Originally by: Armoured C
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
Are you telling us that you think everyone who was ever hacked on the internet has brought it upon themselves?
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
How can you be %100 ceertain of that, do you know the details of each and every instance of this happening to an eve player?
We're are talking about EVE not the internet.
On that basis yes it is their fault. If you could give me an example where it is not that would be great as I can't think of one. The only exception I can think of is a very new security hole but when that happens many players would be compromised and there is no evidence of that. Also security holes tend to allow loggers to be placed on a site but the normal precautions should still stop them running or being effective.
I'm also not saying I'm totally safe, no one is. Being paranoid and realising we all **** up is a good attitude to have I think. Feeling tired, irritable or just distracted is enough to run a malicious script and not realise its happened.
But not to learn from that and try and blame a third party with no evidence tells me it will happen to them again sooner or later.
If it happened to me Id try and work out how it happened and be very embarrassed about it.
|
coolzero
Gallente
Dutch Federation Player Corp
|
Posted - 2009.11.30 12:33:00 -
[35]
time for ccp to add a authenticator option like WoW has :P
Jack of all trades, master of none...
|
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 12:38:00 -
[36]
Originally by: floggar
Edited by: floggar on 30/11/2009 12:28:57
Originally by: Alex Raptos
Originally by: floggar
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
Considering all the possible methods for a "hacker" to obtain your username and password, i will have to answer Yes to that question.
The only ways to get hacked ultimately come down to end-user stupidity. Either they use the same Username and Password for everything, and another service they use gets infiltrated (Corp website). They visit a dodgy website through either intent (Buying isk/other services) or blind stupidity (Phishing emails). They then proceed to give said website their details not making sure it is a legitimate website, or allow said website to run a script or save an executable (Most commonly a duped Flash Player)
At the end of the Day, the user is compromising their own computer by being a stupid end-user. So yes, they bring it on themselves.
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
Congratulations, you are taking eve-related advice and taking it out of context to the entire internet.
But regarding your first point-
Checking the URL to make sure you are actually on the eve online website (If not, what the hell are you doing putting in your information?)
Not downloading anything they claim you need to run the website properly (I.e Flashplayer.exe, Java.exe are the most common two.) If you REALLY think you might need an update, get it from the source programs website (www.sunmicrosystems.com (Java) or www.adobe.com (Flash))
And lastly regarding illegitimate scripts, For firefox there is Noscript, i'm pretty damn sure there are other methods for different browsers aswell, if not, then you are still at fault for using an insecure browser 
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Tiny Tove
|
Posted - 2009.11.30 12:39:00 -
[37]
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I don't mind people having the option to have an "Eve Online" keyring with a picture of optionally a Navy Megathron, or perhaps Kessie on it, for reasons of misplaced vanity and account security, but I would very much like that gimmick's total cost to be picked up by that particular small demographic, as opposed to making us all pay for an expensive perception of security where an extremely cheap perception of security was available already. |
Zartanic
Red Federation
|
Posted - 2009.11.30 12:39:00 -
[38]
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I saw a cheaper one which is common in asia apparently. You get an email sent with a chart of numbers with code letters against each, unique to each user. You have to type in these code numbers to log. Its a bit like when banks used to ask for letters 2,5 and 7 of your password. It's not completely foolproof of course but it better than nothing and costs nothing to the user.
|
Johan Sabbat
Blue Republic
|
Posted - 2009.11.30 12:55:00 -
[39]
Edited by: Johan Sabbat on 30/11/2009 12:55:46
Originally by: Zartanic
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I saw a cheaper one which is common in asia apparently. You get an email sent with a chart of numbers with code letters against each, unique to each user. You have to type in these code numbers to log. Its a bit like when banks used to ask for letters 2,5 and 7 of your password. It's not completely foolproof of course but it better than nothing and costs nothing to the user.
And combine it with 'lens lock' technology (see Elite for spectrum 48k) to make it truly impossible to access eve ever again.
--fake edit
Maybe 'lens lock' would work better with flat screens and no longer be as safe.
--real edit
spelling
|
Nareg Maxence
Gallente
JotunHeim Hird
|
Posted - 2009.11.30 12:55:00 -
[40]
Originally by: floggar
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
Even if you visit a compromised website, you still have to say yes to download bad stuff and yes to install bad stuff afterwards, so it's still your fault. That is assuming you keep your browser and OS up to date with latest security updates.
|
|
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 13:08:00 -
[41]
I wonder how many of these dedicated EVE boxes that never, ever surf the net, who have never even been to an ISK buying website, have a mining/mission bot running on them. 
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
Cypherous
Minmatar
Liberty Rogues
Rally Against Evil
|
Posted - 2009.11.30 13:13:00 -
[42]
Originally by: Ryoji Tanakama
Edited by: Ryoji Tanakama on 30/11/2009 12:15:13
Originally by: Akita T
Quote:
and do not let eve login remember your passwords.
You can't forget to do something that is impossible to do.
Tut tut Akita.
You can enable remembering of passwords in one of the config files.
You used to be able to do that many many many moons ago but it was removed as a security issue years back ;)
Rally Against Evil Site |
Tiny Tove
|
Posted - 2009.11.30 13:41:00 -
[43]
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond. |
MoZo1
|
Posted - 2009.11.30 14:22:00 -
[44]
Originally by: SeerinDarkness
all eve players i strongly urge you to change your passwords once a week [...] forcing password resets
Please don't!
This is the easiest way to make me come up with the dumbest passwords ever. My ebank is doing this, and after 4-5 change it's completely impossible to keep track of which one is the current one.
If you're about to improve security, RSA tokens would be welcome!
|
SeerinDarkness
Minmatar
An Tir
|
Posted - 2009.11.30 14:54:00 -
[45]
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
|
KaarBaak
Minmatar
The Protei
|
Posted - 2009.11.30 15:02:00 -
[46]
Originally by: SeerinDarkness
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
/me rolls a natural '20' and disbelieves.
KB
Beware the beast Man, for he is the Devil's pawn. Alone among God's primates, he kills for sport or lust or greed. Yea, he will murder his brother to possess his brother's land. |
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 15:07:00 -
[47]
Originally by: Tiny Tove
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond.
Because computer Viruses and other Malicious actions are completely linear to ****. Yes indeed, being ****d is completely comparable to clicking "Yes" to a popup that claimed to be flash player but was not because you didn't download it from the creators website.
**** is completely comparable to using the same User Name and Password as your Game details for Corp Forums and Email accounts. Yes indeedy.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Miraqu
Caldari
|
Posted - 2009.11.30 15:20:00 -
[48]
I wonder why nobody has mentioned the most effective security measure:
- Don't use administrative privileges if not needed.
|
Zartanic
Red Federation
|
Posted - 2009.11.30 15:30:00 -
[49]
Edited by: Zartanic on 30/11/2009 15:35:45
Originally by: Tiny Tove
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond.
Yes I read that today, its interesting they only got a caution. Laws are terrible for these sorts of things.
As to blame or course the perpetrator is ultimately to blame. That does not excuse people from taking mitigating steps, any more than opening my front door and announcing 'I'm out for a few days' to the local burgler would be a smart thing to do.
As an extreme example, I know someone recently who refused to wear a car seat belt and it got someone killed in a car crash even though the crash was not their fault. They are lucky to have escaped prison as they defiantly broke the law and were taken to court over it.
People need to take some responsibility for their own actions or put up with the consequences. The law agrees with that to some extent.
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 15:34:00 -
[50]
Originally by: SeerinDarkness
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
Just out of curiosity, that one account wouldn't happen to be a miner or missioner, would it? I'm curious about the bot situation I mentioned.
No web surfing, no isk buying, but a program designed to capture keystrokes that may need the account info to log in automatically would certainly answer a lot of questions.
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
|
|
Tiny Tove
|
Posted - 2009.11.30 16:13:00 -
[51]
Originally by: Zartanic
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
Try it.
"Look how she was dressed your honour, she was begging for it, clearly."
"The door was wide open your honour, why shouldn't I help myself to their stuff"
Or if you really want a close analogy
"I copied his door key and robbed him while he was out, this is clearly his responsibility for not knowing I was going to do it, and failing to stop me."
It does not matter how much you enjoy putting the blame where it does not lie, it will never be considered acceptable, unless you're Tony Blair of course, in which case it makes perfect sense. |
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 16:17:00 -
[52]
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Tiny Tove
|
Posted - 2009.11.30 16:31:00 -
[53]
Edited by: Tiny Tove on 30/11/2009 16:36:11
Edited by: Tiny Tove on 30/11/2009 16:35:14
Edited by: Tiny Tove on 30/11/2009 16:34:16
Edited by: Tiny Tove on 30/11/2009 16:33:52
Edited by: Tiny Tove on 30/11/2009 16:32:51
Edited by: Tiny Tove on 30/11/2009 16:31:35
Originally by: Alex Raptos
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
No, you broke it. Try not being silly. You really believe, deep down, that they hand over their account name and passord on request? Do you?
Is that what you believe?
Do you?
Do you believe that? Seriously?
From the bottom of your heart and everything?
Like really believe that everybody who got hacked was just online buying some isk, because CCP said so, and they were asked "ni hao" Give username and password!" like CCP say they do? You actually honestly believe that?
Really?
Really?
EDIT:
Really?! You actually believe that?!
You actually believe that occurs, I have some friends would love to hear from you! |
shwarzkauph
bullets with butterfly wings
|
Posted - 2009.11.30 16:34:00 -
[54]
Originally by: Alex Raptos
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
lame
u lose |
Captain Tardbar
State Protectorate
|
Posted - 2009.11.30 16:50:00 -
[55]
Originally by: TeaDaze
Simple precautions to take with your account.
- Don't have a character name as the account name
- Don't use a dictionary word as the password
- Don't download strange things promising pronography
- Keep your machine patched and antivirus up to date
- Use flashblock and noscript to reduce (not 100% eliminate) the chances of getting hacked via flash or scripting exploits.
- Don't use your account name and password on any other website, application or reply with those details to any email pretending to be from CCP. They know your password already so don't need to ask for it by email etc
It isn't rocket science...
Also... I believe (IMO) that a prominent 3rd party tool has been compromised so I refuse to download any exe related to eve no matter how well backed up it is.
Of course I'm just paranoid and I'm not calling anyone out, but even with the posted source code, unless you compile it yourself you can never be sure.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 17:45:00 -
[56]
It is always your fault because it is your account on your pc. If you dont have you pc regulated to stop such keyloggers from your machine then it is you that has comprimised security for your account.
Every person here that has had there account compromised was during the audri batonni incident where people were clicking the links, purchasing isk ( which is the common factor, but denying he hasn't every dev has come on here and cruisified them in public about it)
also trusting someone word in a video game because you known them for 2 years isn't exactly his word. yeah you know him but i knew someone for 4 years in a corp , still didn't stop him robbing everything in the corp hanger did it? face it , he brought isk as he isn't going to tell you because that is where the majority of his accounts are.
also for you key thingie you demostarted for a real life thing , yeah he key was duplicated so he stuff was robbed while he was out but the insurer wont cover him since there was no forced entry into the home. so even then they still have to cough up for new stuff.
everything you download on to your pc is by your own doing, weather you know about it or you don't know about it.
you will have to accept that he is in the wrong and most likly to have brought isk, in which case his account should be banned and any isk he shared with you removed from your account as well as any others.
PC SECURITY IS THE USERS DOING ALONE!!!!!!!!!!
|
Zartanic
Red Federation
|
Posted - 2009.11.30 17:47:00 -
[57]
Edited by: Zartanic on 30/11/2009 17:56:45
Originally by: Tiny Tove
Originally by: Zartanic
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
Try it.
"Look how she was dressed your honour, she was begging for it, clearly."
"The door was wide open your honour, why shouldn't I help myself to their stuff"
Or if you really want a close analogy
"I copied his door key and robbed him while he was out, this is clearly his responsibility for not knowing I was going to do it, and failing to stop me."
It does not matter how much you enjoy putting the blame where it does not lie, it will never be considered acceptable, unless you're Tony Blair of course, in which case it makes perfect sense.
Stop bringing politics into this it makes you look foolish.
Also stop bringing up strawmen. It was made clear earlier we are talking EVE security, not even online security. If you can't grasp the fact only complete idiots do nothing about their online security go ahead and get hacked. Just don't come crying here about it.
You're other comparisons are inane, immature and completely irrelevant.
Finally there is no such thing as black and white, you will learn that one day, its all a matter of degrees:
1. Perpetrator was to blame for the hack
2. Victim was culpable for allowing it, depending on the circumstances.
We are talking about the victim side obviously, the perpetrator blame is self evident and not under discussion or relevant.
|
Manu Hermanus
FaDoyToy
|
Posted - 2009.11.30 17:53:00 -
[58]
to make a password, tap the shift key repedtedly and smash your face into the keyboard, now roll it around a bit, still tapping the shift key you will get something like
LJTBGLCU*<O^rk;6t5gek,7oil*5t6p9O:(*t6yuedsrYK;i79tOUYFdl6r&otrS
%y7elrI&Yto8PY&9i8tLrfkTYDl;*Itr;"T8I^DtyrsxrysUfr7rf7RFTUlduf&IoFLTUdi78R
few good passwords in there.
You're posting again!? Has it really been 5 mins?
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 18:08:00 -
[59]
Originally by: Zartanic
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
WoW accounts were 'hacked' with a keylogger that used a 0-day exploit in Flash to install itself. The movie was submitted as an ad to Google, where it promptly appeared on many 'trusted' web sites (Such as EvE-Central or EvE-Search in our game universe).
Thus, player who is just going to a normal web site to look up some random bit of information is 'hacked' without clicking on any 'ok to install' buttons.
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 18:19:00 -
[60]
Edited by: Ukucia on 30/11/2009 18:26:11
Edited by: Ukucia on 30/11/2009 18:20:00
Originally by: Armoured C
also for you key thingie you demostarted for a real life thing , yeah he key was duplicated so he stuff was robbed while he was out but the insurer wont cover him since there was no forced entry into the home. so even then they still have to cough up for new stuff.
Nope. Forced entry isn't required for insurance pay-out. Simply because it's also not that hard to break in to a house using means that are not 'forced'. (Pick the lock, copy keys while you're working as a valet, etc)
Quote:
everything you download on to your pc is by your own doing, weather you know about it or you don't know about it.
I've placed a few hundred megabytes of child **** on your computer through an exploit you (and your AV vendor) don't know about, and I've used a rootkit to prevent you from seeing it, much less deleting it. The police will be along shortly and I've informed them how to find the files. Do you still agree that everything on your PC is 100% your responsibility?
(Ok, I really haven't. But there's some malware 'in the wild' that is used to store and transfer child ****. Because of it, people have been arrested for possession of child **** without knowing it was on their computers. They were released when the authorities determined they didn't know it was on their computer.)
|
|
|
|
|
| |
|
| Pages: 1 [2] 3 :: one page |
| First page | Previous page | Next page | Last page |