|
Title: Login history/man-in-the-middle Post by: smeagol on December 02, 2013, 01:53:00 AM Hello
Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected. Thanks edit: For me the forum was down for most of the day, so this post is my first login today. Title: Re: Login history/man-in-the-middle Post by: gmaxwell on December 02, 2013, 04:17:08 AM Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected. unfortunately the forum can't know. E.g. you could have attempted to log in, it could have been intercepted by the attacker, and then the account could have just appeared down for you.Title: Re: Login history/man-in-the-middle Post by: extortion on December 02, 2013, 04:20:57 AM i tried to tell theymos a week or two ago i thought the security of the site had been compromised again. of course, i was speaking to a brickwall the entire time.
EDIT: btw, its me r3wt. i refuse to login under my normal username for the time being, Title: Re: Login history/man-in-the-middle Post by: CIYAM on December 02, 2013, 04:24:34 AM Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time). Title: Re: Login history/man-in-the-middle Post by: CIYAM on December 02, 2013, 04:40:12 AM Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then) Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay. Title: Re: Login history/man-in-the-middle Post by: extortion on December 02, 2013, 05:14:31 AM Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then) Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay. :D LoL Title: Re: Login history/man-in-the-middle Post by: extortion on December 02, 2013, 05:15:39 AM even if our password is password?
Title: Re: Login history/man-in-the-middle Post by: Mylon on December 02, 2013, 05:17:35 AM Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time). It's Dec 2 6am here, so most likely that was the time of writing in his/her local time. There was confusion about the end time, (yes the end time is in the future, you should not login until then)Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then) Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay. Title: Re: Login history/man-in-the-middle Post by: Rannasha on December 02, 2013, 08:03:18 AM Code: If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC, Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time). Updated DNS records may need time to properly propagate, so it's possible that there are still people out there being served the phishing site. Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in. Title: Re: Login history/man-in-the-middle Post by: CIYAM on December 02, 2013, 08:34:25 AM Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in. Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed). Title: Re: Login history/man-in-the-middle Post by: smeagol on December 02, 2013, 08:26:03 PM Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in. Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed). I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right? Title: Re: Login history/man-in-the-middle Post by: jackjack on December 02, 2013, 09:25:45 PM Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in. Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed). I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right? It should be ok Check the fingerprint to be sure Title: Re: Login history/man-in-the-middle Post by: theymos on December 02, 2013, 09:27:04 PM I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right? No. http://109.201.133.195/ is just a redirection. https://109.201.133.195/ will get you the site, but you'll get a certificate error, and I don't think that the site works properly if you use a non-standard "domain". Title: Re: Login history/man-in-the-middle Post by: Raize on December 02, 2013, 09:38:31 PM I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. :-\
Title: Re: Login history/man-in-the-middle Post by: smeagol on December 02, 2013, 10:57:52 PM It should be ok Check the fingerprint to be sure Whew, thanks I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. :-\ Haha. http://en.wikipedia.org/wiki/Tinfoil_Hat_Linux Title: Re: Login history/man-in-the-middle Post by: sdp on December 03, 2013, 03:02:22 AM Hello Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected. Thanks edit: For me the forum was down for most of the day, so this post is my first login today. See your browser's history. |