|
Title: [Request] Regarding the recent hack. Post by: kougsa on June 24, 2015, 12:00:06 AM I would like to ask theymos to introduce a field in the profile panel where we could check all the information that got leaked during the hack.
I 'm mostly concerned about registration and last ip address used because it could be used to associate alt accounts. Many of us use alt accounts for participating in signature giveaways (people often auto-ignore those who use ads in their sigs), or just to be able to express some thoughts more freely (no one wants an angry mob against him just because he called a scam-coin... scam-coin :P ). The hacker now has more information about my accounts than me and this makes me feel very uncomfortable. Thank you. Ps. For obvious reasons i'm using a new account for this post. :D Title: Re: [Request] Regarding the recent hack. Post by: --Encrypted-- on June 24, 2015, 12:14:04 AM I would like to ask theymos to introduce a field in the profile panel where we could check all the information that got leaked during the hack. I 'm mostly concerned about registration and last ip address used because it could be used to associate alt accounts. Many of us use alt accounts for participating in signature giveaways (people often auto-ignore those who use ads in their sigs), or just to be able to express some thoughts more freely (no one wants an angry mob against him just because he called a scam-coin... scam-coin :P ). The hacker now has more information about my accounts than me and this makes me feel very uncomfortable. Thank you. Ps. For obvious reasons i'm using a new account for this post. :D why would you need that when you already know what got leaked? On May 22 at 00:56 UTC, an attacker gained root access to the forum's server. He then proceeded to try to acquire a dump of the forum's database before I noticed this at around 1:08 and shut down the server. In the intervening time, it seems that he was able to collect some or all of the "members" table. You should assume that the following information about your account was leaked: - Email address - Password hash (see below) - Last-used IP address and registration IP address - Secret question and a basic (not brute-force-resistant) hash of your secret answer - Various settings full post here https://bitcointalk.org/index.php?topic=1067985.msg11445725#msg11445725 change everything and you're as good as new. no need to change your email address if it is secure enough and if you don't mind spams. but change it anyway if you want to be sure Title: Re: [Request] Regarding the recent hack. Post by: kougsa on June 24, 2015, 12:25:37 AM why would you need that when you already know what got leaked? I know that ip addresses got leaked in general. I have to know the exact ip addresses to tell if the hacker can associate my accounts or not. Title: Re: [Request] Regarding the recent hack. Post by: --Encrypted-- on June 24, 2015, 01:21:49 AM why would you need that when you already know what got leaked? I know that ip addresses got leaked in general. I have to know the exact ip addresses to tell if the hacker can associate my accounts or not. you can always PM theymos and ask him. that would be easier than what you suggest. tho I'm really not sure if he'll be able to tell exactly which address that got leaked. Title: Re: [Request] Regarding the recent hack. Post by: dogie on June 24, 2015, 01:37:19 AM I would like to ask theymos to introduce a field in the profile panel where we could check all the information that got leaked during the hack. I 'm mostly concerned about registration and last ip address used because it could be used to associate alt accounts. Many of us use alt accounts for participating in signature giveaways (people often auto-ignore those who use ads in their sigs), or just to be able to express some thoughts more freely (no one wants an angry mob against him just because he called a scam-coin... scam-coin :P ). The hacker now has more information about my accounts than me and this makes me feel very uncomfortable. Thank you. Ps. For obvious reasons i'm using a new account for this post. :D Isn't this a theoretical worry, on the database coming into public hands? Which doesn't seem to have yet, probably still floating around some hacker forum. Title: Re: [Request] Regarding the recent hack. Post by: kougsa on June 24, 2015, 03:45:06 AM you can always PM theymos and ask him. that would be easier than what you suggest. Well, i'll do if it's difficult for him to implement it although i think a lot of people would find such a feature helpful. Title: Re: [Request] Regarding the recent hack. Post by: theymos on June 24, 2015, 05:01:11 AM I don't have that data on hand. I could tell you the IP you used a day before the hack, but I don't have the immediate-post-hack DB backup loaded anywhere.
Title: Re: [Request] Regarding the recent hack. Post by: Saruvn on June 24, 2015, 08:36:17 AM Yes , PM theymos or badbear , and they will generally help you with this.
Edit: Havent checked that theymos have already replied here ;D Title: Re: [Request] Regarding the recent hack. Post by: UnrealBeast on June 25, 2015, 04:52:43 PM I don't have that data on hand. I could tell you the IP you used a day before the hack, but I don't have the immediate-post-hack DB backup loaded anywhere. theymos check u pm about something important |