|
|
muyuu (OP)
Donator
Legendary
 Offline
Activity: 980
Merit: 1000
|
 |
April 15, 2013, 07:56:46 PM |
|
06:07 < ryannn> They say there's no 'central weak point'
06:07 < ryannn> Yeah there is, there's the developers
06:08 < ryannn> There's been bugs in the client that have allowed the blockchain to split previously
06:08 < ryannn> One could just backdoor the bitcoin client binaries, not the source.
06:08 < ryannn> Nobody would figure it out until it's too late
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
Remember remember the 5th of November
Legendary
Offline
Activity: 1862
Merit: 1011
Reverse engineer from time to time
|
|
April 15, 2013, 07:59:54 PM |
|
 ? |
BTC:1AiCRMxgf1ptVQwx6hDuKMu4f7F27QmJC2
|
|
|
muyuu (OP)
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
April 15, 2013, 08:02:23 PM |
|
? Bitcoin service providers possibly affected. But they should know better than Linode at this point. |
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
Nicolai
Newbie
Offline
Activity: 39
Merit: 0
|
|
April 15, 2013, 08:55:44 PM |
|
06:07 < ryannn> They say there's no 'central weak point'
06:07 < ryannn> Yeah there is, there's the developers
06:08 < ryannn> There's been bugs in the client that have allowed the blockchain to split previously
06:08 < ryannn> One could just backdoor the bitcoin client binaries, not the source.
06:08 < ryannn> Nobody would figure it out until it's too late ... and this is not true, as the official binary is signed, and many people run cronjobs to download and verify that the official binary hasn't been modified. |
|
|
|
|
muyuu (OP)
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
April 15, 2013, 10:20:39 PM |
|
06:07 < ryannn> They say there's no 'central weak point'
06:07 < ryannn> Yeah there is, there's the developers
06:08 < ryannn> There's been bugs in the client that have allowed the blockchain to split previously
06:08 < ryannn> One could just backdoor the bitcoin client binaries, not the source.
06:08 < ryannn> Nobody would figure it out until it's too late ... and this is not true, as the official binary is signed, and many people run cronjobs to download and verify that the official binary hasn't been modified. Still amusing that he bothered commenting on it. Linode don't take BTC do they? |
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
deepceleron
Legendary
Offline
Activity: 1512
Merit: 1032
|
|
April 16, 2013, 03:27:10 AM |
|
The hacker shows that he has access to linode's own www, and compromise was apparently over two weeks ago: https://bin.defuse.ca/hq0Ay8RzpKdR6vQwYxnmhcYou can see things like the yahoo and google webmaster tokens, and verify that they are files on the live site: http://www.linode.com/googledebcc14d3c9f777a.htmlWe have been advised that law enforcement officials are aware of the intrusion into this customer’s systems. We have implemented all appropriate measures to provide the maximum amount of protection to our customers. Out of an abundance of caution, however, we have decided to implement a Linode Manager password reset...You will be prompted to create a new password the next time that you log in So hackers get to reset your password to a new one... I guess at least you will know you are hacked then. Besides admins that steal your Bitcoins, "we suck at security, so we call the cops". Just another reason to run from Linode. |
|
|
|
|
|
Atruk
|
|
April 16, 2013, 05:38:52 AM |
|
06:07 < ryannn> They say there's no 'central weak point'
06:07 < ryannn> Yeah there is, there's the developers
06:08 < ryannn> There's been bugs in the client that have allowed the blockchain to split previously
06:08 < ryannn> One could just backdoor the bitcoin client binaries, not the source.
06:08 < ryannn> Nobody would figure it out until it's too late ... and this is not true, as the official binary is signed, and many people run cronjobs to download and verify that the official binary hasn't been modified. Still amusing that he bothered commenting on it. Linode don't take BTC do they? Linode being hacked was responsible for one of the first big hacking loses by a bitcoin service. |
|
|
|
muyuu (OP)
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
April 16, 2013, 10:11:20 AM |
|
Linode being hacked was responsible for one of the first big hacking loses by a bitcoin service.
I know. Which is why I said that BTC service providers should know better. |
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
|
Herodes
|
|
April 16, 2013, 03:22:24 PM |
|
what goes around, comes around Linode. Was going to post this, but you beat me to it. Remember the sysadmins of Linode just laughed at the bitcoin businesses that lost their coins last time around..
|
|
|
|
|
muyuu (OP)
Donator
Legendary
Offline
Activity: 980
Merit: 1000
|
|
April 16, 2013, 03:27:24 PM |
|
|
GPG ID: 7294199D - OTC ID: muyuu (470F97EB7294199D)
forum tea fund BTC 1Epv7KHbNjYzqYVhTCgXWYhGSkv7BuKGEU DOGE DF1eTJ2vsxjHpmmbKu9jpqsrg5uyQLWksM CAP F1MzvmmHwP2UhFq82NQT7qDU9NQ8oQbtkQ
|
|
|
|
