| Pages: 1 2 3 :: [one page] |
| Author |
Thread Statistics | Show CCP posts - 0 post(s) |
SeerinDarkness
Minmatar
An Tir
   |
Posted - 2009.11.30 08:13:00 -
[1]
For the second time in a month somone i know ingame has had their account raided....all eve players i strongly urge you to change your passwords once a week and do not let eve login remember your passwords. Somone is out there guessing account login names and like other things with eve the client/eve forums is keeping account info somehow sutch as passwords...and change those api keys.. GM's please fo something to kill the guessing games some people are obviously playing to hack acounts like limiting password tries and forcing password resets
Seer
|
Bel Amar
Amarr
Children of Anarchy
HELM Alliance
|
Posted - 2009.11.30 08:27:00 -
[2]
People are getting hacked because they're getting keyloggers on their computers. The hackers aren't "guessing".
|
sg3s
Caldari
Deep Core Mining Inc.
|
Posted - 2009.11.30 08:32:00 -
[3]
 Originally by: Bel Amar
People are getting hacked because they're getting keyloggers on their computers. The hackers aren't "guessing".
This.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 08:42:00 -
[4]
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
|
Akita T
Caldari
Caldari Navy Volunteer Task Force
|
Posted - 2009.11.30 08:47:00 -
[5]
Originally by: SeerinDarkness
For the second time in a month somone i know ingame has had their account raided
Tell him to get a better antivirus // get a better firewall // upgrade and/or update his OS // not to surf for questionable stuff // not to click on every exe and allow it to install
Quote:
all eve players i strongly urge you to change your passwords once a week
A password which will be promptly intercepted again on an infected machine and will do you no good
Quote:
and do not let eve login remember your passwords.
You can't forget to do something that is impossible to do.
Quote:
Somone is out there guessing account login names and like other things with eve the client/eve forums is keeping account info somehow sutch as passwords
Nope. Not even close.
Quote:
and change those api keys
Irrelevant. They have nothing to do with your account NAME nor PASSWORD, they are only account ID number and (more or less) randomly generated strings.
Quote:
GM's please fo something to kill the guessing games some people are obviously playing to hack acounts like limiting password tries and forcing password resets
Nobody's "guessing" anything, unless those "hacks" are actually coming from an acquaintance.
Quote:
Seer
Akisomething Tralala
_
We are recruiting | Beginer's ISK making guide | Manufacturer's helper |
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 09:14:00 -
[6]
did they cry , i hope they did. people buying isk is ruining the game
|
Cridu Chat
|
Posted - 2009.11.30 09:20:00 -
[7]
Guessing games...
Have fun guessing my 20+ characters password.
Maybe don't use 1234 on ur Account ?
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 09:21:00 -
[8]
Originally by: Cridu Chat
Guessing games...
Have fun guessing my 20+ characters password.
Maybe don't use 1234 on ur Account ?
or password 
|
Komi Toran
|
Posted - 2009.11.30 09:36:00 -
[9]
Originally by: Cridu Chat
Guessing games...
Have fun guessing my 20+ characters password.
Maybe don't use 1234 on ur Account ?
That's amazing! I've got the same combination on my luggage!
|
SeerinDarkness
Minmatar
An Tir
|
Posted - 2009.11.30 09:40:00 -
[10]
While i do believe some people are getting keylogged and the like.
its hard to explain that happening to a dedicated eve box that does nothing but run clients and nothng else..not even surfing.
the only explinations are somone is guessing Or CCP has a leak somewhere.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 09:44:00 -
[11]
Originally by: SeerinDarkness
While i do believe some people are getting keylogged and the like.
its hard to explain that happening to a dedicated eve box that does nothing but run clients and nothng else..not even surfing.
the only explinations are somone is guessing Or CCP has a leak somewhere.
well the thing is that is isn't you that has been hacked nor is it your machine. So you don't have the foggiest of clue's. What one says to someone he knows and what he actually does or lie to cover up something that is wrong is different. I took it he told you he uses it for nothing else yeah?
|
Estel Arador
Minmatar
AFK
|
Posted - 2009.11.30 09:50:00 -
[12]
Originally by: SeerinDarkness
While i do believe some people are getting keylogged and the like.
its hard to explain that happening to a dedicated eve box that does nothing but run clients and nothng else..not even surfing.
the only explinations are somone is guessing Or CCP has a leak somewhere.
Your explanations are far harder to explain than some kind of user error. People have a tendency to overestimate their own competency and underestimate the competency of others.
Free jumpclone service: Thread |
Miraqu
Caldari
|
Posted - 2009.11.30 09:50:00 -
[13]
Originally by: SeerinDarkness
its hard to explain that happening to a dedicated eve box that does nothing but run clients and nothng else
To be honest, as soon as you connect that box to the internet, you are vulnerable.
Even if you don't surf the net you will have to care about security.
|
Jessica Lorelei
Minmatar
Decimus Corp
|
Posted - 2009.11.30 09:53:00 -
[14]
Edited by: Jessica Lorelei on 30/11/2009 09:54:12
Originally by: SeerinDarkness
While i do believe some people are getting keylogged and the like.
its hard to explain that happening to a dedicated eve box that does nothing but run clients and nothng else..not even surfing.
the only explinations are somone is guessing Or CCP has a leak somewhere.
yea right, you really are gullible, and your friend is an isk buying cheat and should be banned from every mmo forever.
are you SURE it is your 'friend' and not you?
|
Martin Mckenna
D00M.
Triumvirate.
|
Posted - 2009.11.30 09:58:00 -
[15]
Originally by: SeerinDarkness
Somone is out there guessing account login names
This is funny 
---------------------
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 10:23:00 -
[16]
Originally by: Martin Mckenna
Originally by: SeerinDarkness
Somone is out there guessing account login names
This is funny
yes it is , his friend has told him false stuff and he has taken it for gospel truth first go
|
Malcanis
Vanishing Point.
The Initiative.
|
Posted - 2009.11.30 10:43:00 -
[17]
Originally by: Bel Amar
The hackers aren't "guessing".
This. Don't let your "friend" buy ISK...
|
JeanMichel Bizarre
Whimmy Wham Wham Wozzle
|
Posted - 2009.11.30 10:44:00 -
[18]
I've been playing online games for quite a while and have never had any issues whatsoever. I do, however change my password every few months and take care to include upper, lower case and numbers.
If you have the slightest idea of how to keep your PC clean of **** there is little to worry about.
------
|
Haraldhardrade
Amarr
Pax Amarr
|
Posted - 2009.11.30 10:47:00 -
[19]
Originally by: Komi Toran
Originally by: Cridu Chat
Guessing games...
Have fun guessing my 20+ characters password.
Maybe don't use 1234 on ur Account ?
That's amazing! I've got the same combination on my luggage!
SPACEBALLS! (what do I win?)
Caveo of Minmatar , torva vacuus regimen of deus es plurrimi periculosus of bestia
|
gallchecker
|
Posted - 2009.11.30 11:38:00 -
[20]
online gaming since the aoe series in 95.
never had any accounts hacked, never been scammed in a game yet.
'everyone is the enemy until proven otherwise'
works fine for me :)
|
Zartanic
Red Federation
|
Posted - 2009.11.30 11:47:00 -
[21]
Edited by: Zartanic on 30/11/2009 11:53:05
Mr X buys illegal ISK/character/item
Mr x gets hacked
Mr x gets his account back
Mr x gets phising email requesting 'identity/security' check from ISK sellers pretending to be CCP
Mr x ignores the obvious phishing attempt and gives them account details
Mr x gets hacked again
And/or:
Mr x has not removed the logger
Mr x has the same user name and PW as a forum he uses that's been compromised
Mr x does not take basic security measures when visiting sites and happily runs any script he comes across
There's a ton of ways to get compromised and most of them due to laziness or stupidity. It does not take a conspiracy theory to work out how its easily done.
If is was compromised EVE forums security or API keys there would be TENS OF THOUSANDS of security breaches. The fact there is not is a massive hint.
|
floggar
|
Posted - 2009.11.30 11:52:00 -
[22]
Originally by: Armoured C
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
|
Zartanic
Red Federation
|
Posted - 2009.11.30 11:55:00 -
[23]
Originally by: floggar
Originally by: Armoured C
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
|
Tiny Tove
|
Posted - 2009.11.30 11:59:00 -
[24]
Perhaps Mythbusters should take a look at the CCP and fevered fanboi claim that you only get hacked if you buy isk.
Because it's very damaging for people to think it's the only way to get hacked, and it stops people being vigilant. |
Destination SkillQueue
Are We There Yet
|
Posted - 2009.11.30 12:04:00 -
[25]
Originally by: Zartanic
Originally by: floggar
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
Every case, since they can't take responsibility and always blame others for their own mistakes and carelessness. It is also fun, that their "friends" are the ones complaining on the forums. Usually spouting the same BS he just got served from his friend and acting surprised when others don't automaticly swallow it.
|
floggar
|
Posted - 2009.11.30 12:06:00 -
[26]
Originally by: Zartanic
Originally by: floggar
Originally by: Armoured C
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
Are you telling us that you think everyone who was ever hacked on the internet has brought it upon themselves?
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
How can you be %100 ceertain of that, do you know the details of each and every instance of this happening to an eve player?
|
Nareg Maxence
Gallente
JotunHeim Hird
|
Posted - 2009.11.30 12:10:00 -
[27]
Originally by: Bel Amar
People are getting hacked because they're getting keyloggers on their computers. The hackers aren't "guessing".
This.
|
Ryoji Tanakama
Caldari
Firestar Drive Yards
|
Posted - 2009.11.30 12:15:00 -
[28]
Edited by: Ryoji Tanakama on 30/11/2009 12:15:13
Originally by: Akita T
Quote:
and do not let eve login remember your passwords.
You can't forget to do something that is impossible to do.
Tut tut Akita.
You can enable remembering of passwords in one of the config files.
|
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 12:19:00 -
[29]
Originally by: floggar
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
Considering all the possible methods for a "hacker" to obtain your username and password, i will have to answer Yes to that question.
The only ways to get hacked ultimately come down to end-user stupidity. Either they use the same Username and Password for everything, and another service they use gets infiltrated (Corp website). They visit a dodgy website through either intent (Buying isk/other services) or blind stupidity (Phishing emails). They then proceed to give said website their details not making sure it is a legitimate website, or allow said website to run a script or save an executable (Most commonly a duped Flash Player)
At the end of the Day, the user is compromising their own computer by being a stupid end-user. So yes, they bring it on themselves.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 12:21:00 -
[30]
Originally by: Ryoji Tanakama
Edited by: Ryoji Tanakama on 30/11/2009 12:15:13
Originally by: Akita T
Quote:
and do not let eve login remember your passwords.
You can't forget to do something that is impossible to do.
Tut tut Akita.
You can enable remembering of passwords in one of the config files.
I believe he was talking about the Eve Website, which remembers your details if you specify it to.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
TeaDaze
Agony Unleashed
Agony Empire
|
Posted - 2009.11.30 12:21:00 -
[31]
Simple precautions to take with your account.
- Don't have a character name as the account name
- Don't use a dictionary word as the password
- Don't download strange things promising pronography
- Keep your machine patched and antivirus up to date
- Use flashblock and noscript to reduce (not 100% eliminate) the chances of getting hacked via flash or scripting exploits.
- Don't use your account name and password on any other website, application or reply with those details to any email pretending to be from CCP. They know your password already so don't need to ask for it by email etc
It isn't rocket science...
Vote TeaDaze for CSM #4
|
floggar
|
Posted - 2009.11.30 12:27:00 -
[32]
Edited by: floggar on 30/11/2009 12:28:57
Originally by: Alex Raptos
Originally by: floggar
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
Considering all the possible methods for a "hacker" to obtain your username and password, i will have to answer Yes to that question.
The only ways to get hacked ultimately come down to end-user stupidity. Either they use the same Username and Password for everything, and another service they use gets infiltrated (Corp website). They visit a dodgy website through either intent (Buying isk/other services) or blind stupidity (Phishing emails). They then proceed to give said website their details not making sure it is a legitimate website, or allow said website to run a script or save an executable (Most commonly a duped Flash Player)
At the end of the Day, the user is compromising their own computer by being a stupid end-user. So yes, they bring it on themselves.
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
|
Tiny Tove
|
Posted - 2009.11.30 12:31:00 -
[33]
Edited by: Tiny Tove on 30/11/2009 12:31:05
Originally by: Alex Raptos
The only ways to get hacked ultimately come down to end-user stupidity.
There but for the grace of God go you then. Because in the grand reckoning, in answer to whether you got hacked or not, you can only ever truthfully say "Yes" or "I don't know". |
Zartanic
Red Federation
|
Posted - 2009.11.30 12:33:00 -
[34]
Edited by: Zartanic on 30/11/2009 12:35:26
Originally by: floggar
Originally by: Zartanic
Originally by: floggar
Originally by: Armoured C
I would of believed it more if you would of said this
"For the second time this month someone I know who brought isk has had there account hacked".
The responsibility for your account is yours and yours only, CCP can help in the protection but it up to you to insure you don't catch keyloggers which could effect your account. You can do this by only going on sites you trust , not buying isk (as the sites you purchase from has keyloggers on the site) and maintaining high security standards. Or buying anti-virus software like nod32
Basically they were idiots , got there account hacked and it there own fault. Don't cry here for there pennence as they have 99% likly brought it on themsleves. There is no guessing of these guys accounts it 100% brought on by themselves.
Hope they get there accounts banned
Hey forum ***** do you know for a fact that "they brought it on themselves"? How could you know this? people get hacked for various reason, you'd have to be an idiot to blame the victim without knowing all the facts.
You lack attention in RL so you need to come here for it. thats just lol.
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
Are you telling us that you think everyone who was ever hacked on the internet has brought it upon themselves?
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
How can you be %100 ceertain of that, do you know the details of each and every instance of this happening to an eve player?
We're are talking about EVE not the internet.
On that basis yes it is their fault. If you could give me an example where it is not that would be great as I can't think of one. The only exception I can think of is a very new security hole but when that happens many players would be compromised and there is no evidence of that. Also security holes tend to allow loggers to be placed on a site but the normal precautions should still stop them running or being effective.
I'm also not saying I'm totally safe, no one is. Being paranoid and realising we all **** up is a good attitude to have I think. Feeling tired, irritable or just distracted is enough to run a malicious script and not realise its happened.
But not to learn from that and try and blame a third party with no evidence tells me it will happen to them again sooner or later.
If it happened to me Id try and work out how it happened and be very embarrassed about it.
|
coolzero
Gallente
Dutch Federation Player Corp
|
Posted - 2009.11.30 12:33:00 -
[35]
time for ccp to add a authenticator option like WoW has :P
Jack of all trades, master of none...
|
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 12:38:00 -
[36]
Originally by: floggar
Edited by: floggar on 30/11/2009 12:28:57
Originally by: Alex Raptos
Originally by: floggar
And specifically to eve, You can honestly tell us that every person who has had thier account hacked has brought that upon themselves?
Considering all the possible methods for a "hacker" to obtain your username and password, i will have to answer Yes to that question.
The only ways to get hacked ultimately come down to end-user stupidity. Either they use the same Username and Password for everything, and another service they use gets infiltrated (Corp website). They visit a dodgy website through either intent (Buying isk/other services) or blind stupidity (Phishing emails). They then proceed to give said website their details not making sure it is a legitimate website, or allow said website to run a script or save an executable (Most commonly a duped Flash Player)
At the end of the Day, the user is compromising their own computer by being a stupid end-user. So yes, they bring it on themselves.
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
Congratulations, you are taking eve-related advice and taking it out of context to the entire internet.
But regarding your first point-
Checking the URL to make sure you are actually on the eve online website (If not, what the hell are you doing putting in your information?)
Not downloading anything they claim you need to run the website properly (I.e Flashplayer.exe, Java.exe are the most common two.) If you REALLY think you might need an update, get it from the source programs website (www.sunmicrosystems.com (Java) or www.adobe.com (Flash))
And lastly regarding illegitimate scripts, For firefox there is Noscript, i'm pretty damn sure there are other methods for different browsers aswell, if not, then you are still at fault for using an insecure browser 
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Tiny Tove
|
Posted - 2009.11.30 12:39:00 -
[37]
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I don't mind people having the option to have an "Eve Online" keyring with a picture of optionally a Navy Megathron, or perhaps Kessie on it, for reasons of misplaced vanity and account security, but I would very much like that gimmick's total cost to be picked up by that particular small demographic, as opposed to making us all pay for an expensive perception of security where an extremely cheap perception of security was available already. |
Zartanic
Red Federation
|
Posted - 2009.11.30 12:39:00 -
[38]
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I saw a cheaper one which is common in asia apparently. You get an email sent with a chart of numbers with code letters against each, unique to each user. You have to type in these code numbers to log. Its a bit like when banks used to ask for letters 2,5 and 7 of your password. It's not completely foolproof of course but it better than nothing and costs nothing to the user.
|
Johan Sabbat
Blue Republic
|
Posted - 2009.11.30 12:55:00 -
[39]
Edited by: Johan Sabbat on 30/11/2009 12:55:46
Originally by: Zartanic
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I saw a cheaper one which is common in asia apparently. You get an email sent with a chart of numbers with code letters against each, unique to each user. You have to type in these code numbers to log. Its a bit like when banks used to ask for letters 2,5 and 7 of your password. It's not completely foolproof of course but it better than nothing and costs nothing to the user.
And combine it with 'lens lock' technology (see Elite for spectrum 48k) to make it truly impossible to access eve ever again.
--fake edit
Maybe 'lens lock' would work better with flat screens and no longer be as safe.
--real edit
spelling
|
Nareg Maxence
Gallente
JotunHeim Hird
|
Posted - 2009.11.30 12:55:00 -
[40]
Originally by: floggar
So just to be clear, if someone unknowingly visits a compromised website, its their fault? Also, how do you make sure a website is legitimate?
When I google wormhole so I can get some info there are many results. Please educate me on on to make sure these informative websites are legit?
Shall I write the webmaster and await their response before I read the content?
Even if you visit a compromised website, you still have to say yes to download bad stuff and yes to install bad stuff afterwards, so it's still your fault. That is assuming you keep your browser and OS up to date with latest security updates.
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 13:08:00 -
[41]
I wonder how many of these dedicated EVE boxes that never, ever surf the net, who have never even been to an ISK buying website, have a mining/mission bot running on them. 
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
Cypherous
Minmatar
Liberty Rogues
Rally Against Evil
|
Posted - 2009.11.30 13:13:00 -
[42]
Originally by: Ryoji Tanakama
Edited by: Ryoji Tanakama on 30/11/2009 12:15:13
Originally by: Akita T
Quote:
and do not let eve login remember your passwords.
You can't forget to do something that is impossible to do.
Tut tut Akita.
You can enable remembering of passwords in one of the config files.
You used to be able to do that many many many moons ago but it was removed as a security issue years back ;)
Rally Against Evil Site |
Tiny Tove
|
Posted - 2009.11.30 13:41:00 -
[43]
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond. |
MoZo1
|
Posted - 2009.11.30 14:22:00 -
[44]
Originally by: SeerinDarkness
all eve players i strongly urge you to change your passwords once a week [...] forcing password resets
Please don't!
This is the easiest way to make me come up with the dumbest passwords ever. My ebank is doing this, and after 4-5 change it's completely impossible to keep track of which one is the current one.
If you're about to improve security, RSA tokens would be welcome!
|
SeerinDarkness
Minmatar
An Tir
|
Posted - 2009.11.30 14:54:00 -
[45]
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
|
KaarBaak
Minmatar
The Protei
|
Posted - 2009.11.30 15:02:00 -
[46]
Originally by: SeerinDarkness
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
/me rolls a natural '20' and disbelieves.
KB
Beware the beast Man, for he is the Devil's pawn. Alone among God's primates, he kills for sport or lust or greed. Yea, he will murder his brother to possess his brother's land. |
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 15:07:00 -
[47]
Originally by: Tiny Tove
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond.
Because computer Viruses and other Malicious actions are completely linear to ****. Yes indeed, being ****d is completely comparable to clicking "Yes" to a popup that claimed to be flash player but was not because you didn't download it from the creators website.
**** is completely comparable to using the same User Name and Password as your Game details for Corp Forums and Email accounts. Yes indeedy.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Miraqu
Caldari
|
Posted - 2009.11.30 15:20:00 -
[48]
I wonder why nobody has mentioned the most effective security measure:
- Don't use administrative privileges if not needed.
|
Zartanic
Red Federation
|
Posted - 2009.11.30 15:30:00 -
[49]
Edited by: Zartanic on 30/11/2009 15:35:45
Originally by: Tiny Tove
To help the slow ones out a little more
Even game creators and THE POLICE think that the perpetrator of the crime is the one to bear the blame.
Maybe your "Victim bears the fault" would have been very appropriate in a 1970's **** trial, but the rest of us moved on into the 21st century and beyond.
Yes I read that today, its interesting they only got a caution. Laws are terrible for these sorts of things.
As to blame or course the perpetrator is ultimately to blame. That does not excuse people from taking mitigating steps, any more than opening my front door and announcing 'I'm out for a few days' to the local burgler would be a smart thing to do.
As an extreme example, I know someone recently who refused to wear a car seat belt and it got someone killed in a car crash even though the crash was not their fault. They are lucky to have escaped prison as they defiantly broke the law and were taken to court over it.
People need to take some responsibility for their own actions or put up with the consequences. The law agrees with that to some extent.
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 15:34:00 -
[50]
Originally by: SeerinDarkness
First of all ,NO it wasent me that got whacked
Second i started this thread strictly to put out some kind of warning/information. Do with this as u will, pay attiention or not.
Third i do implicitly trust the acount of events as given to me by somone i know for over 2 years thru this game,far as i can tell there is no reason to believe that the events dident happen as described
Fourth and most of all, given that the same box is running multipal accounts and only 1 account was raided says several things now dosent it. that paticular box also blew the mobo approxamatly 3-4 days before this happened and is awaiting replacment parts even now.
Seer
Just out of curiosity, that one account wouldn't happen to be a miner or missioner, would it? I'm curious about the bot situation I mentioned.
No web surfing, no isk buying, but a program designed to capture keystrokes that may need the account info to log in automatically would certainly answer a lot of questions.
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
Tiny Tove
|
Posted - 2009.11.30 16:13:00 -
[51]
Originally by: Zartanic
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
Try it.
"Look how she was dressed your honour, she was begging for it, clearly."
"The door was wide open your honour, why shouldn't I help myself to their stuff"
Or if you really want a close analogy
"I copied his door key and robbed him while he was out, this is clearly his responsibility for not knowing I was going to do it, and failing to stop me."
It does not matter how much you enjoy putting the blame where it does not lie, it will never be considered acceptable, unless you're Tony Blair of course, in which case it makes perfect sense. |
Alex Raptos
Caldari
Phoenix Rising.
|
Posted - 2009.11.30 16:17:00 -
[52]
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
Originally by: Dirk Magnum
I've become gay for Mark Harmon despite my initial reservations about the show NCIS but nobody will ever know
|
Tiny Tove
|
Posted - 2009.11.30 16:31:00 -
[53]
Edited by: Tiny Tove on 30/11/2009 16:36:11
Edited by: Tiny Tove on 30/11/2009 16:35:14
Edited by: Tiny Tove on 30/11/2009 16:34:16
Edited by: Tiny Tove on 30/11/2009 16:33:52
Edited by: Tiny Tove on 30/11/2009 16:32:51
Edited by: Tiny Tove on 30/11/2009 16:31:35
Originally by: Alex Raptos
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
No, you broke it. Try not being silly. You really believe, deep down, that they hand over their account name and passord on request? Do you?
Is that what you believe?
Do you?
Do you believe that? Seriously?
From the bottom of your heart and everything?
Like really believe that everybody who got hacked was just online buying some isk, because CCP said so, and they were asked "ni hao" Give username and password!" like CCP say they do? You actually honestly believe that?
Really?
Really?
EDIT:
Really?! You actually believe that?!
You actually believe that occurs, I have some friends would love to hear from you! |
shwarzkauph
bullets with butterfly wings
|
Posted - 2009.11.30 16:34:00 -
[54]
Originally by: Alex Raptos
Originally by: Tiny Tove
"He gave me his door key and gave me everything i needed to rob him while he was out"
Fixed your Analogy.
lame
u lose |
Captain Tardbar
State Protectorate
|
Posted - 2009.11.30 16:50:00 -
[55]
Originally by: TeaDaze
Simple precautions to take with your account.
- Don't have a character name as the account name
- Don't use a dictionary word as the password
- Don't download strange things promising pronography
- Keep your machine patched and antivirus up to date
- Use flashblock and noscript to reduce (not 100% eliminate) the chances of getting hacked via flash or scripting exploits.
- Don't use your account name and password on any other website, application or reply with those details to any email pretending to be from CCP. They know your password already so don't need to ask for it by email etc
It isn't rocket science...
Also... I believe (IMO) that a prominent 3rd party tool has been compromised so I refuse to download any exe related to eve no matter how well backed up it is.
Of course I'm just paranoid and I'm not calling anyone out, but even with the posted source code, unless you compile it yourself you can never be sure.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 17:45:00 -
[56]
It is always your fault because it is your account on your pc. If you dont have you pc regulated to stop such keyloggers from your machine then it is you that has comprimised security for your account.
Every person here that has had there account compromised was during the audri batonni incident where people were clicking the links, purchasing isk ( which is the common factor, but denying he hasn't every dev has come on here and cruisified them in public about it)
also trusting someone word in a video game because you known them for 2 years isn't exactly his word. yeah you know him but i knew someone for 4 years in a corp , still didn't stop him robbing everything in the corp hanger did it? face it , he brought isk as he isn't going to tell you because that is where the majority of his accounts are.
also for you key thingie you demostarted for a real life thing , yeah he key was duplicated so he stuff was robbed while he was out but the insurer wont cover him since there was no forced entry into the home. so even then they still have to cough up for new stuff.
everything you download on to your pc is by your own doing, weather you know about it or you don't know about it.
you will have to accept that he is in the wrong and most likly to have brought isk, in which case his account should be banned and any isk he shared with you removed from your account as well as any others.
PC SECURITY IS THE USERS DOING ALONE!!!!!!!!!!
|
Zartanic
Red Federation
|
Posted - 2009.11.30 17:47:00 -
[57]
Edited by: Zartanic on 30/11/2009 17:56:45
Originally by: Tiny Tove
Originally by: Zartanic
Every person I personally know who was compromised allowed it to happen, either by ignorance, laziness (which is how I'm likely to be hacked If I ever am) or negligence.
Try it.
"Look how she was dressed your honour, she was begging for it, clearly."
"The door was wide open your honour, why shouldn't I help myself to their stuff"
Or if you really want a close analogy
"I copied his door key and robbed him while he was out, this is clearly his responsibility for not knowing I was going to do it, and failing to stop me."
It does not matter how much you enjoy putting the blame where it does not lie, it will never be considered acceptable, unless you're Tony Blair of course, in which case it makes perfect sense.
Stop bringing politics into this it makes you look foolish.
Also stop bringing up strawmen. It was made clear earlier we are talking EVE security, not even online security. If you can't grasp the fact only complete idiots do nothing about their online security go ahead and get hacked. Just don't come crying here about it.
You're other comparisons are inane, immature and completely irrelevant.
Finally there is no such thing as black and white, you will learn that one day, its all a matter of degrees:
1. Perpetrator was to blame for the hack
2. Victim was culpable for allowing it, depending on the circumstances.
We are talking about the victim side obviously, the perpetrator blame is self evident and not under discussion or relevant.
|
Manu Hermanus
FaDoyToy
|
Posted - 2009.11.30 17:53:00 -
[58]
to make a password, tap the shift key repedtedly and smash your face into the keyboard, now roll it around a bit, still tapping the shift key you will get something like
LJTBGLCU*<O^rk;6t5gek,7oil*5t6p9O:(*t6yuedsrYK;i79tOUYFdl6r&otrS
%y7elrI&Yto8PY&9i8tLrfkTYDl;*Itr;"T8I^DtyrsxrysUfr7rf7RFTUlduf&IoFLTUdi78R
few good passwords in there.
You're posting again!? Has it really been 5 mins?
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 18:08:00 -
[59]
Originally by: Zartanic
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
WoW accounts were 'hacked' with a keylogger that used a 0-day exploit in Flash to install itself. The movie was submitted as an ad to Google, where it promptly appeared on many 'trusted' web sites (Such as EvE-Central or EvE-Search in our game universe).
Thus, player who is just going to a normal web site to look up some random bit of information is 'hacked' without clicking on any 'ok to install' buttons.
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 18:19:00 -
[60]
Edited by: Ukucia on 30/11/2009 18:26:11
Edited by: Ukucia on 30/11/2009 18:20:00
Originally by: Armoured C
also for you key thingie you demostarted for a real life thing , yeah he key was duplicated so he stuff was robbed while he was out but the insurer wont cover him since there was no forced entry into the home. so even then they still have to cough up for new stuff.
Nope. Forced entry isn't required for insurance pay-out. Simply because it's also not that hard to break in to a house using means that are not 'forced'. (Pick the lock, copy keys while you're working as a valet, etc)
Quote:
everything you download on to your pc is by your own doing, weather you know about it or you don't know about it.
I've placed a few hundred megabytes of child **** on your computer through an exploit you (and your AV vendor) don't know about, and I've used a rootkit to prevent you from seeing it, much less deleting it. The police will be along shortly and I've informed them how to find the files. Do you still agree that everything on your PC is 100% your responsibility?
(Ok, I really haven't. But there's some malware 'in the wild' that is used to store and transfer child ****. Because of it, people have been arrested for possession of child **** without knowing it was on their computers. They were released when the authorities determined they didn't know it was on their computer.)
|
Zartanic
Red Federation
|
Posted - 2009.11.30 18:22:00 -
[61]
Edited by: Zartanic on 30/11/2009 18:32:56
Originally by: Ukucia
Originally by: Zartanic
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
WoW accounts were 'hacked' with a keylogger that used a 0-day exploit in Flash to install itself. The movie was submitted as an ad to Google, where it promptly appeared on many 'trusted' web sites (Such as EvE-Central or EvE-Search in our game universe).
Thus, player who is just going to a normal web site to look up some random bit of information is 'hacked' without clicking on any 'ok to install' buttons.
Yes I remember that. Thanks for pointing it out. A few years ago these sorts of hacks were common and I don't think a secure system will be possible for years to come.
But the feature of that was the numerous player who got hacked. Similar to my old guild where our forums were hacked and about 20 players accounts were compromised. This happened to many forums as the code at the time had a massive security hole. They had used the same account details for the forums as their login though so they were culpable by negligence.
The fact the Ops post is not accompanied by reports of a new hack on these forums or elsewhere leads me to believe it was not one of those attacks and is more likely to have been avoidable.
Having said that its not possible to know for sure. For all we know tomorrow there may be a millions posts from others about a new security hole. But I do know that saying 'he can't possibly be at fault' is wrong and that's what I'm disagreeing with.
I also think that subject to these rare exploits players are responsible to take reasonable precautions against attack and not moan when it happens or try and blame someone else (such as CCP) with no evidence.
Finally saying someone is at fault for allowing themselves to be hacked does not affect in the slightest the guilt of those who do the attacks who I think should be made criminally responsible with sterner penalties than a stupid caution.
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 18:31:00 -
[62]
Originally by: Zartanic
Originally by: Ukucia
Originally by: Zartanic
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
WoW accounts were 'hacked' with a keylogger that used a 0-day exploit in Flash to install itself. The movie was submitted as an ad to Google, where it promptly appeared on many 'trusted' web sites (Such as EvE-Central or EvE-Search in our game universe).
Thus, player who is just going to a normal web site to look up some random bit of information is 'hacked' without clicking on any 'ok to install' buttons.
Yes I remember that. Thanks for pointing it out. A few years ago these sorts of hacks were common and I don't think a secure system will be possible for years to come.
But the feature of that was the numerous player who got hacked. Similar to my old guild where our forums were hacked and about 20 players accounts were compromised. They had used the same account details for the forums as their login though.
The fact the Ops post is not accompanied by reports of a new hack on these forums or elsewhere leads me to believe it was not one of those attacks and is more likely to have been avoidable.
Yet it still satisfies your request for an example where it is not the fault of the person hacked. Plus a clever use of cookies could probably target your malware-laden flash ad at a small subset of players.
Of course, I have no idea what the OP/OP's friend did, and 9 times out of 10 you find out that their PC that 'only was used to play EvE' was used 'only once' to surf for **** or host torrents or it had no AV & no Firewall and was plugged directly into their cable modem, etc.
Point being just 'surfing smart' is not sufficient protection. It just removes you from the pool of very low-hanging fruit.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 18:32:00 -
[63]
i find it hilarious that your hanging off this guys word because you only known him for 2 years.
|
Zartanic
Red Federation
|
Posted - 2009.11.30 18:41:00 -
[64]
Edited by: Zartanic on 30/11/2009 18:43:15
Originally by: Ukucia
Originally by: Zartanic
Originally by: Ukucia
Originally by: Zartanic
Could you please give one example where its not the fault of the person hacked. It's not easy, I can't think of one, maybe you could help me on that.
WoW accounts were 'hacked' with a keylogger that used a 0-day exploit in Flash to install itself. The movie was submitted as an ad to Google, where it promptly appeared on many 'trusted' web sites (Such as EvE-Central or EvE-Search in our game universe).
Thus, player who is just going to a normal web site to look up some random bit of information is 'hacked' without clicking on any 'ok to install' buttons.
Yes I remember that. Thanks for pointing it out. A few years ago these sorts of hacks were common and I don't think a secure system will be possible for years to come.
But the feature of that was the numerous player who got hacked. Similar to my old guild where our forums were hacked and about 20 players accounts were compromised. They had used the same account details for the forums as their login though.
The fact the Ops post is not accompanied by reports of a new hack on these forums or elsewhere leads me to believe it was not one of those attacks and is more likely to have been avoidable.
Yet it still satisfies your request for an example where it is not the fault of the person hacked. Plus a clever use of cookies could probably target your malware-laden flash ad at a small subset of players.
Of course, I have no idea what the OP/OP's friend did, and 9 times out of 10 you find out that their PC that 'only was used to play EvE' was used 'only once' to surf for **** or host torrents or it had no AV & no Firewall and was plugged directly into their cable modem, etc.
Point being just 'surfing smart' is not sufficient protection. It just removes you from the pool of very low-hanging fruit.
Yes but to sum up what I said in reply (I edited maybe as you posted):
1. Those that were hacked (In the case I was mentioned) still made a dumb mistake in using the same passwords. I was was not hacked.
2. These sorts of attacks are rare and when they happen widely advertised as they affect many. There is no evidence this relates to the Op. And its the Op we are addressing.
3. Saying someone has culpability for what happened in no way reduces the guilt of the person that did it. The two are unrelated. So comparing it to rapists' victims (as someone did earlier) is ignorant and an offensive attempt to win an argument.
4. I agree its impossible to be 100% safe. That cut both ways, its always wrong to say as the Op does 'I'm certain he did nothing stupid to get the hack' as until he finds out what happened, which he may never do, he cannot be sure. To then accuse CCP or whatever for the attack is simply wrong.
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 19:09:00 -
[65]
Edited by: NyteTyger on 30/11/2009 19:11:55
Originally by: NyteTyger
Just out of curiosity, that one account wouldn't happen to be a miner or missioner, would it? I'm curious about the bot situation I mentioned.
No web surfing, no isk buying, but a program designed to capture keystrokes that may need the account info to log in automatically would certainly answer a lot of questions.
Still curious.
And to the kiddie **** example -
Don't ever do that again. Seriously. It's a damn game, and I don't care how much freaking time you put into it, or what you lost, or if your whole damn computer burnt down, you don't compare it to kiddie ****.
Has absolutely no reason to even be in this discussion, 'example' or not.
It's a game, don't even mention that **** in passing, no matter the reason. Ought to be ashamed of even bringing it up in relation to a game in any shape form or fashion.
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
Trisa Li
|
Posted - 2009.11.30 19:12:00 -
[66]
Edited by: Trisa Li on 30/11/2009 19:15:48
There are two probable situations where being 'hacked' would not be the fault of the user.
1. Database compromise. This kind of thing DOES happen, although rarely, but if it did, you can be sure it would be noticed and taken care of swiftly.
2. Brute force attempts. Not sure what kind of flagging CCP has in place to prevent this sort of thing, but brute force can only be truly effective with an account name, a lot of time and effort, and a relatively simple password. Two parts of this equation (the account name, and difficulty of password) are within the user's control, meaning that taking the most simple precautions will protect you from all but the most devoted, vengeful 'hackers'.
What does this mean?
Simply, it's a lot easier to exploit one of the weaker links in this chain, user error.
For the time and effort put into brute forcing a SINGLE eve account, one could potentially rake in hundreds/thousands from a well-developed trojan scam.
Look back to diablo 2: LoD. A programmer named Netter released his new version of a bot, and used the trust he had developed in the community to sneak in a password/username logging function. By the time this was discovered, thousands of compromised accounts had been released to the public.
Small amount of effort, large amount of user error, huge results.
The worst thing is, there will ALWAYS be people who are easily deceived in this way. We all want to believe that it will never happen to us, but that cannot be true unless you are vigilant.
|
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.11.30 20:03:00 -
[67]
i have bets that it is still purchasing isk and the key logger was received from the site
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 22:55:00 -
[68]
Originally by: Trisa Li
Edited by: Trisa Li on 30/11/2009 19:15:48
There are two probable situations where being 'hacked' would not be the fault of the user.
1. Database compromise. This kind of thing DOES happen, although rarely, but if it did, you can be sure it would be noticed and taken care of swiftly.
2. Brute force attempts. Not sure what kind of flagging CCP has in place to prevent this sort of thing, but brute force can only be truly effective with an account name, a lot of time and effort, and a relatively simple password. Two parts of this equation (the account name, and difficulty of password) are within the user's control, meaning that taking the most simple precautions will protect you from all but the most devoted, vengeful 'hackers'.
What does this mean?
3. Use a 0-day exploit, as mentioned above.
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 22:57:00 -
[69]
Edited by: Ukucia on 30/11/2009 22:57:03
Originally by: Armoured C
i have bets that it is still purchasing isk and the key logger was received from the site
ISK sellers don't steal from their customers. That's not good business. They want to keep them coming back for more ISK.
ISK sellers steal from those who are not their customers, because they don't give a damn about anyone who doesn't pay them.
|
Anewb N'eve
|
Posted - 2009.11.30 22:58:00 -
[70]
Hmmm...
Been on the internet I don't remember how long, Windows 3.11?, Slackware Linux was like 14 floppy img download.
Used to download music, movies, warez.
Have always surfed **** sites.
I have only ever gotten 1 virus and 1 keylogger...from floppies (2 different times).
Unless its a government or big corperate computer it almost always a user problem.
Now the CCP internal problem is possible but unlikely.
Go see whats on your buddies computer if he hasn't wiped it already.
|
Ukucia
Gallente
The Scope
|
Posted - 2009.11.30 23:03:00 -
[71]
Edited by: Ukucia on 30/11/2009 23:03:09
Originally by: NyteTyger
And to the kiddie **** example -
Don't ever do that again. Seriously. It's a damn game, and I don't care how much freaking time you put into it, or what you lost, or if your whole damn computer burnt down, you don't compare it to kiddie ****.
I'm not the OP, nor the OP's friend. In fact I'm waiting for my subscription to wind down and haven't logged in to the game in a while. I'm only here because I'm really THAT bored at work.
Quote:
Has absolutely no reason to even be in this discussion, 'example' or not.
Sure it does. These threads often devolve into so-called experts asserting that there's no possible way to get keylogged unless you "Do something stupid". This is false. And people are spending time in jail because these so-called experts are absolutely sure that you are 100% responsible for everything that happens with your computer.
Fact is any networked system is vulnerable. You are not 'safe', you are just 'not hacked yet'. I'm sorry your revulsion at the subject matter has clouded your ability to read.
|
NyteTyger
Gallente
NiteSun Enterprises
|
Posted - 2009.11.30 23:24:00 -
[72]
Originally by: Ukucia
Edited by: Ukucia on 30/11/2009 23:03:09
Originally by: NyteTyger
And to the kiddie **** example -
Don't ever do that again. Seriously. It's a damn game, and I don't care how much freaking time you put into it, or what you lost, or if your whole damn computer burnt down, you don't compare it to kiddie ****.
I'm not the OP, nor the OP's friend. In fact I'm waiting for my subscription to wind down and haven't logged in to the game in a while. I'm only here because I'm really THAT bored at work.
Quote:
Has absolutely no reason to even be in this discussion, 'example' or not.
Sure it does. These threads often devolve into so-called experts asserting that there's no possible way to get keylogged unless you "Do something stupid". This is false. And people are spending time in jail because these so-called experts are absolutely sure that you are 100% responsible for everything that happens with your computer.
Fact is any networked system is vulnerable. You are not 'safe', you are just 'not hacked yet'. I'm sorry your revulsion at the subject matter has clouded your ability to read.
Ah, you misunderstood. It didn't cloud my ability to read. It just made me think of you as a complete jackass. Who would even bring it up in any kind of relation to a game in any shape form or fashion? Has no place in the discussion, as they are no where near each other in importance.
Get your ****in' head straight.
__________________________________________
It's a do or die universe, so you better damn well choose between one or the other. |
Armoured C
Gallente
Noir.
Noir. Mercenary Group
|
Posted - 2009.12.01 00:15:00 -
[73]
Originally by: Ukucia
Edited by: Ukucia on 30/11/2009 22:57:03
Originally by: Armoured C
i have bets that it is still purchasing isk and the key logger was received from the site
ISK sellers don't steal from their customers. That's not good business. They want to keep them coming back for more ISK.
ISK sellers steal from those who are not their customers, because they don't give a damn about anyone who doesn't pay them.
what you mean getting them to purchase isk then taking it back from them and keeping there money isn't good business practice which in turn they have lost out on making more isk through missions and so buy more.
Your working on the assumption that they only have 2 customers, if you purchase isk and they take it back from you not only do they get your money , they get your isk and sell it to some other sod which them completes the cycle, rinse and repeat.
|
Shakon
|
Posted - 2009.12.01 12:45:00 -
[74]
SO when are all these fan boys going to jump on the large allainces that use Bot ming and isk buying to maintain their stuff? OOPS most of them are in those allainces i fergot.
|
Tiny Tove
|
Posted - 2009.12.01 13:42:00 -
[75]
It's clear some people think they are invulnerable and have no clue what it's like to be a victim.
You're only as safe as the exploits you know about. Pray nobody uses one you don't know about, as then you can really get some crying done, but maybe you'll shut up about the victims being to blame. Clearly that's the only way it will occur.
I'd love to see it... "blub blub... CCP said I could only get hacked if I bought isk blub blub... and I believed them... blub blub..."
Twenty years ago, you'd already be looking at incorrect login screens, maybe some enterprising young hacker is out looking for lulz though. |
cyclobs
|
Posted - 2009.12.01 14:02:00 -
[76]
Originally by: Komi Toran
Originally by: Cridu Chat
Guessing games...
Have fun guessing my 20+ characters password.
Maybe don't use 1234 on ur Account ?
That's amazing! I've got the same combination on my luggage!
bahahaha
"and you, change my luggage combination" "sir, it appears we have been jammed"
good movie
|
coolzero
Gallente
Dutch Federation Player Corp
|
Posted - 2009.12.01 14:07:00 -
[77]
Originally by: Zartanic
Originally by: coolzero
time for ccp to add a authenticator option like WoW has :P
I saw a cheaper one which is common in asia apparently. You get an email sent with a chart of numbers with code letters against each, unique to each user. You have to type in these code numbers to log. Its a bit like when banks used to ask for letters 2,5 and 7 of your password. It's not completely foolproof of course but it better than nothing and costs nothing to the user.
the wow authenticator come as a ipod app as well and that has zero cost...and the authenticator itself is just what 6 euro...i rather pay that small of a fee for some better security that doesnt req me to remember a long password(that can be hacked anyway with keyloggers whatever) the authenticarot nummer changes every login so much saver imo
Jack of all trades, master of none...
|
Smash N'Grab
School of Applied Knowledge
|
Posted - 2009.12.01 14:36:00 -
[78]
"The door was wide open your honour, why shouldn't I help myself to their stuff"
In this particular case:
Yes the thief is responsible for the crime. However...
Insurance will not cover the losses incurred as a result of the theft, as the home owner did not provide due care in securing their home and property.
Just sayin'
|
Rothrin
|
Posted - 2009.12.01 15:38:00 -
[79]
Edited by: Rothrin on 01/12/2009 15:40:08
Edited by: Rothrin on 01/12/2009 15:39:20
A bbc report from yesterday on a similer subject
bbc
|
Mr Epeen
|
Posted - 2009.12.01 16:04:00 -
[80]
Am I the only one bookmarking this thread so that I can have the pure joy of linking it when one of these moronic " don't get haxed if you are not buying/sellingisk/DL****/etc" idiots comes back here in a month whining because they lost their acct.
They pure pleasure of throwing peoples own quotes back at them makes reading these stupid posts by stupid people worth while.
Mr Epeen 
|
Sky Marshal
IMpAct Corp
Tau Ceti Federation
|
Posted - 2009.12.01 16:13:00 -
[81]
Edited by: Sky Marshal on 01/12/2009 16:15:06
Quote:
People are getting hacked because they're getting keyloggers on their computers. The hackers aren't "guessing".
People are getting hacked because they're getting keyloggers, and because > CCP < had REMOVED the "Save Password" feature years ago, who would permit to NOT have to retype the password each time so who would REDUCE the risk to be theft by a keylogger.
And it was removed for "security reasons" because some morons used to play EVE at work or used their login/pass in some friend's computer, so some bad guys came after them...
CCP is partially responsible of this situation, by removing this feature who also reduce standard security as players are motivated to use easy to remember & small passwords.
_______
With the NGE, I'm sorry about the mistake we made. We screwed up and didn't listen to the fans when we should have.
- John Smedley, CEO of Sony Online Entertainment |
Tiny Tove
|
Posted - 2009.12.01 16:16:00 -
[82]
Originally by: Mr Epeen
Am I the only one bookmarking this thread so that I can have the pure joy of linking it when one of these moronic " don't get haxed if you are not buying/sellingisk/DL****/etc" idiots comes back here in a month whining because they lost their acct.
They pure pleasure of throwing peoples own quotes back at them makes reading these stupid posts by stupid people worth while.
Mr Epeen
No. The odds are against it though. I tend to keep my puss shut when I shaft myself publicly. |
Tiny Tove
|
Posted - 2009.12.01 16:29:00 -
[83]
Originally by: Sky Marshal
People are getting hacked because they're getting keyloggers, and because > CCP
Security is entirely relative. Having read the patch notes, despite the amount of time they had prior to Dominion, CCP have singularly failed to reasonably address what is one of the biggest issues to plague the last installement of Eve. I'm not expecting anybody from the CSM to show up and take credit for this lack of action either.
CCP's response to recent account security has been, at worst, negligent to the point of almost assisting the thieves.
The hilarious thing is that the hackers weren't even performing very sophisticated attacks, because generally you don't need to, ignorance is unbelievably commonplace, you don't generally need to be sophisticated with a scattergun attack to score random hits.
The only thing that keeps the account safe of people like Armoured C and the other jokers who are spouting their hateful nonsense, the only thing, is that these attackers don't need Armoured C's account, any account will do just fine. CCP have done very little to stop the next generation of attacks we'll face, they had an opportunity to do so, but chose not to.
So while these hateful people sit their telling people it's their fault they lost out, they don't realise they should be thankful, because the moment the computer illiterate people get proper protection and help from CCP, the attacks will get more sophisticated, and the cycle continues, gradually working it's way up the computer literacy scale, and eventually somebody with one of these unflappable egos will get hit, and very suddenly their tune will change.
We won't hear it change, they'll just be sat in their bedroom worrying, realising, that the Eve account was actually the least of their worries. |
SeerinDarkness
Minmatar
An Tir
|
Posted - 2009.12.01 16:34:00 -
[84]
Actually its is horridly easy to brute force,flat out guess the password.
1 eve forums and eve client use same acount name
2 if you ever have attempted to buy or bought a char from anyone and had it transferd, you give up your account name to the seller making it rediculasly easy to harvest account names
3 login for forums is not secure aspx? page and can be back clicked to however many times is needed
but overall when i made this thread in paticular it was to be nothing more than a reminder and suggestion to change all passwords on your accounts and change api keys just in case, nothing more.
to all those who have flooded this post with flames about who is responcable for whator automaticly blame the person who got hacked etc or say that they have garnerd nothng but enjoymennt from someone elses problem/loss...may you oneday SOON experience the like yourselves the the Nth degree.
Seer
|
ChronoLynx
Caldari
Federation of Freedom Fighters
|
Posted - 2009.12.01 16:37:00 -
[85]
My 2c to this topic is this.
I signed up for a MMORPG account and a few other gaming sites using an account not linked to eve-online. I expessed interest to eve using these accounts. Then came in the attempts to gain access to my accounts. Over the last 3 months I have received about a dozen mails claiming to be from CCP and offering to giving away 15 day reactivation codes for expired accounts so that one might come back to eve.
The mail at which it has been coming from is spoofed; it is [email protected].
The mail looks legit, and takes you to a site that is mirroring the eve-online site. The thieves url to their site recently changed in the last set of spam mails that have come in. This leads me to believe that either there is another band of people doing this or that the original site got shut down.
And onto the second 1c.
One of my corp mates had his account compromised because of these mails. He and I received them at about same time on the same day to our hotmail accounts. He, being himself, clicked on the link and put in his info... I being me went... "CCP isn't this nice." I loaded up my Ubuntu OS from cd. I then proceeded to open the mail using the Unbuntu browser, which cannot be keylogged or run executables and doesn't recognize that I have hard drives, and checked out said site.
This is how I learned what the site looked like. It is a mirror of the CCP Eve-Online site and looks almost 100% correct. There were a few breaks in the lines where there should not have been as I was comparing them side by side. Over all I will say that after the experience I was happy not to have been tired when I receive the email.
The only reason this attempt worked on my corpmate is because he had an offline account which went off a few days before he received the mail.
Anyways, that was my full 2c. Moral of this long portion of text is to never click on a link from your email to a link on the eve-online site page. Always navigate from the mail page on the site.
Sometimes I wish I could remember;
Sometimes I wish I could forget.
|
Catari Taga
Centre Of Attention
Rough Necks
|
Posted - 2009.12.01 17:03:00 -
[86]
Edited by: Catari Taga on 01/12/2009 17:03:44
Originally by: Sky Marshal
Edited by: Sky Marshal on 01/12/2009 16:15:06
Quote:
People are getting hacked because they're getting keyloggers on their computers. The hackers aren't "guessing".
People are getting hacked because they're getting keyloggers, and because > CCP < had REMOVED the "Save Password" feature years ago, who would permit to NOT have to retype the password each time so who would REDUCE the risk to be theft by a keylogger.
Not sure why I even clicked on this thread but it is so full of fail it makes me laugh. If you were even remotely serious with the comment I quoted that is the perfect illustration why people like you are getting hacked. Priceless.
|
| |
|
| Pages: 1 2 3 :: [one page] |