Re: the recent "unpleasantness"

Recently the board was down and the administration sent out an e-mail explaining that some vile hacker had gotten into our files and stolen our passwords. I was kinda expecting an “official” explanation, but haven’t seen it if it’s here.

Some questions:

  1. What can a hacker do with our username/passwords aside from creating fraudulent posts on this message board?
  2. Why would anyone want to post with someone else’s username, aside from the general nuisance factor?
    3)Forgive my techno-illiteracy, but what in hades does this have to do with HTML?
    4)Does this belong here or in General
    Questions?

Lisa

  1. here, not much. But I expect several members use the same password here and for their email account. Having both of those lets the hacker read that person’s email as well as being a foothold for further hacking.

  2. I doubt that there is much more than the general annoyance factor for that particular activity

  3. I suspect that the security hole which the hacker took advantage of had to do with the HTML. Probably some malicious javascript.

  4. This’ll work.

“Recent Unpleasantness”?

We’un down South thought ya’ll mean the Civil War! :slight_smile:

(If anybody asks “Can you ever have a really civil war” I shall smack him between the eyes with a large haddock :mad: )


Bad manners? How should I know? I was raised by wolves.

In the explanation I read concerning the attack on the SDMB, the low life, scum sucking, moronic, childish, bed wetting, cretin that hacked into the board was using it as a launch pad to disrupt the functions of another website. (I’m strongly considering pushing for mandatory execution for all hackers caught hacking.) When the SDMB crew found out and started to close the feces eating low life out, he/she or it promptly attacked the hard drives in an act of childish revenge, damaging some of them, which affected the codes.

I also think that all hackers caught should be sentenced to a year on a good old fashioned 1950s style Southern chain gang, cleaning out ditches and dirt roads in the high heat and humidity while pot bellied officers ride horses next to them with shotguns, call them ‘boy’, spit tobacco juice and make them call them ‘boss’ to ask for a drink of warm water or go off in the snake infested weeds for a ‘squat.’

Something like in Cool Hand Luke. If they try to escape – then shoot 'em down!

Hackers are scum!

Gee, there has been so much unpleasantness lately, I had to open this thread to see which you were referring to.

I think the admin was just trying to cover themselves with the password thing. Better to proactively email all the members than take the chance and have 4800+ people pissed off that they weren’t at least warned of the possibility that their identities might be stolen.

It’s a power trip for the small-minded. It baffles me, the things that hackers get off on. I still can’t believe that some people have nothing better to do with their lives than write malicious code and cause grief in the lives of people they don’t even know.


We cheat the other guys & pass the savings along to you!

Script-kiddies are the immature ones who get off on using exploits (usually written by others).

Real hackers get their ya-ya’s from the actual breaking of the security put in place by other programmers. What they then do with that ability is usually incidental. In fact, quite often the only thing they do is tell the compromised sysadmin that he’s been compromised.
It’s a game of who is the better hacker.

Hacking is not a crime! Free Kevin! (What? What do you mean he’s free?!) Down with MS! Linux OwnZ!

I once was a hacker for a long time in the sense that you all seem to think of it. I still am a hacker in the sense that I think of it. I like computers. I like making do things they weren’t meant to do. I treat them like neat toys, and am a bit loose with data if it means doing something neat.

Hacker != Maliciousness.

As for your questions:
1> Anything you can think of that one could do by having a valid UID and password. Most people have a standard password that they always use. As is, I have 5, and I still am uncomfortable to think what someone could do with that particular password. I changed anything major, but there’s a couple porn sites…
2> Because I can? You assume that because you have a mature rational viewpoint that everyone does (big mistake). Most of the script kiddies that would do such things are pretty inept socially. Spoofing identities and annoying people is great fun to a mind like that… especially when the person gets really angry about it. The best is on IRC, when you can get them mad in real time and…
3> HTML lets you put interesting things into messages and is generally a big security risk. I’m suprised it was ever allowed on the message board.
4> GQ or About the board would be my guess.

For a good look at how a real hacker (the non destructive kind) thinks, go here: http://www.totse.com/manifest.htm


http://www.madpoet.com
Clerks - Just because they serve you doesn’t mean they like you.