KanadaKid Posted June 30, 2007 Share Posted June 30, 2007 The list is there, but have you tried the links? Well, most of them work, but not mine. Link to comment Share on other sites More sharing options...
Sabr Posted June 30, 2007 Share Posted June 30, 2007 The list is there, but have you tried the links? Well, most of them work, but not mine. Hmmm, that's strange. I'll pass it on to ColdFusion. Link to comment Share on other sites More sharing options...
EFI Posted June 30, 2007 Share Posted June 30, 2007 Good thing the InsanelyMac is back up and running again...that was a quick recovery. I'm still a little ticked off that our e-mail adresses are compromised, but so far for me (knock on wood) either I'm not getting any spam to begin with(i.e my email is not sold yet), or Gmail's spam filter is impressively strong and dead accurate...and is filtering perfectly so far. I hope its the first one, because so far I havent received any spam. I hope it stays that way. Any news at all on who(m) was behind all this? Link to comment Share on other sites More sharing options...
Sabr Posted June 30, 2007 Share Posted June 30, 2007 The list is there, but have you tried the links? Well, most of them work, but not mine. Ok, blogs are now up and working. Link to comment Share on other sites More sharing options...
Ophiel X Posted July 1, 2007 Share Posted July 1, 2007 i was alarmed a bit by this snippet: "However, if your password is not particularly strong, we recommend you change it to something stronger ASAP. This is because commonly used passwords could be compared against a list of their encrypted versions, so passwords such "hello" are really not a wise choice. We recommend that your password be at least 8 characters long and contain a mixture of letters and numbers." are you seriously saying you guys don't salt hashes? i thought that topic was covered in Forum Administration 101 Link to comment Share on other sites More sharing options...
haydio Posted July 1, 2007 Share Posted July 1, 2007 They would use a MD5 hash I believe BUT if your password was hello they can match the hashes, Eg: if you password was 'hello' in the database it would appear as '5d41402abc4b2a76b9719d911017c592' and because hello could be a common pass they could easily match 5d41402abc4b2a76b9719d911017c592 to hello. Link to comment Share on other sites More sharing options...
Xenctuary Posted July 1, 2007 Share Posted July 1, 2007 That would not be possible if the passwords were salted through a random string during encryption, which I'm pretty sure they are! Link to comment Share on other sites More sharing options...
Alessandro17 Posted July 1, 2007 Share Posted July 1, 2007 Well, for good measure I have changed mine anyway. Link to comment Share on other sites More sharing options...
np_ Posted July 1, 2007 Share Posted July 1, 2007 So it appears someone with nothing better to do took it upon themselves to bring down the site for no good reason. They used an Invision PowerBoard exploit which allowed them to gain root access to the database, and after backing it up for their own gratification and future exploitation, they deleted it. I guess this is some people's idea of fun, but the simple fact is: it's a serious crime. So serious in fact, that the investigation has been passed to the UK's Serious Organised Crime Agency (SOCA), and we have been able to provide them with a number of leads thanks to some sterling work from our excellent mods! and how we know was not you for example ? not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ? any prove ? Link to comment Share on other sites More sharing options...
Alessandro17 Posted July 1, 2007 Share Posted July 1, 2007 and how we know was not you for example ? not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ? any prove ? Oh come on, that is some of the worst nonsense I have ever read Link to comment Share on other sites More sharing options...
np_ Posted July 1, 2007 Share Posted July 1, 2007 Oh come on, that is some of the worst nonsense I have ever read and you are "ColdFusion" secretary ? Link to comment Share on other sites More sharing options...
Alessandro17 Posted July 1, 2007 Share Posted July 1, 2007 and you are "ColdFusion" secretary ? No, I just try to use my brain... Link to comment Share on other sites More sharing options...
wlfdgcrkz Posted July 1, 2007 Share Posted July 1, 2007 "it's a serious crime?" lol. So many devs have left here for so many logical reasons ie backstabbing, dishonesty, account-jacking, internal politics. insanelymac has become a not-so-innocent altruistic brotherly organization. Amazing that this would happen to us? Unwarranted? Im just not sure. Perhaps events like this should be kept in perspective. just one members opinion. Link to comment Share on other sites More sharing options...
bwhsh8r Posted July 1, 2007 Share Posted July 1, 2007 and how we know was not you for example ? not happy about current "income" and decide to sell 80K emails , then let's blame "hackers" ? any prove ? there were about 3 hackers {censored}in with the server, it wasnt him. Link to comment Share on other sites More sharing options...
ColdFusion Posted July 2, 2007 Author Share Posted July 2, 2007 i was alarmed a bit by this snippet: "However, if your password is not particularly strong, we recommend you change it to something stronger ASAP. This is because commonly used passwords could be compared against a list of their encrypted versions, so passwords such "hello" are really not a wise choice. We recommend that your password be at least 8 characters long and contain a mixture of letters and numbers." are you seriously saying you guys don't salt hashes? i thought that topic was covered in Forum Administration 101 They would use a MD5 hash I believe BUT if your password was hello they can match the hashes, Eg: if you password was 'hello' in the database it would appear as '5d41402abc4b2a76b9719d911017c592' and because hello could be a common pass they could easily match 5d41402abc4b2a76b9719d911017c592 to hello. Yep that's right, MD5 encryption is used. Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks Link to comment Share on other sites More sharing options...
bwhsh8r Posted July 2, 2007 Share Posted July 2, 2007 Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks too bad there were like 3 people playing on your server :s and too bad you cant figure out who or which ones did it... although i hope you do. Link to comment Share on other sites More sharing options...
MITCHELL Posted July 2, 2007 Share Posted July 2, 2007 we should try to narrow down the search ok, it wasn't me lol Link to comment Share on other sites More sharing options...
Good Old Leopard Posted July 3, 2007 Share Posted July 3, 2007 ok its good the site's back up but i still want to know, what kind of servers is the site on now? I hope some b-{censored}ing apple quads with 32GB of ram like the one that i just got to use with Final Cut Studio 2 along with my octa core mac pro Link to comment Share on other sites More sharing options...
Alessandro17 Posted July 3, 2007 Share Posted July 3, 2007 Can we prove that we didn't hack our own server and sell your email addresses? Yes thanks ColdFusion, you don't need to prove anything. It is just plain common sense that it was somebody else. Link to comment Share on other sites More sharing options...
guyin916 Posted July 8, 2007 Share Posted July 8, 2007 No, I just try to use my brain... /me thinks of wizard of oz. Link to comment Share on other sites More sharing options...
Zealot Posted July 8, 2007 Share Posted July 8, 2007 he he Link to comment Share on other sites More sharing options...
.kext Posted July 8, 2007 Share Posted July 8, 2007 and you are "ColdFusion" secretary ? What if it was you? You say we blame hackers, but you blame a staff member? Nonsense. Link to comment Share on other sites More sharing options...
skitz Posted July 8, 2007 Share Posted July 8, 2007 Good to see everything back... Strangely enough, im in Ozzie land and it seems faster now than before (joined recently, been reading for months), or maybe i'm going insane......ly mac... c-ya, b.t.w. OS x86 on podcast today search for Aussie Tech Heads in iTunes, or myspace, episode 44. I'll post in news section. edit: i can't post in news, i'll find somewhere Link to comment Share on other sites More sharing options...
Alessandro17 Posted July 8, 2007 Share Posted July 8, 2007 /me thinks of wizard of oz. Since when retarded kids have anything to say among mature adults? Link to comment Share on other sites More sharing options...
brewno Posted July 8, 2007 Share Posted July 8, 2007 So it appears someone with nothing better to do took it upon themselves to bring down the site for no good reason. Hmm, so that's why there was no more InsanelyMac bookmark icon... Link to comment Share on other sites More sharing options...
Recommended Posts