Bitcoin Forum
October 16, 2019, 10:56:42 PM *
News: If you like a topic and you see an orange "bump" link, click it. More info.
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Despite email confirmation, accounts still got hacked  (Read 70 times)
Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
December 14, 2017, 12:40:05 PM
 #1

Despite email confirmation in place, accounts still got hacked.

Man, you admin and mod guys at Bitcointalk forum are truly genuinely sinful and corrupt.

If I were in charge of this forum, I would have killed ALL account hacks within the very first year itself.

Either you guys are purely incompetent or else all the persistent account hacks are deliberate and endorsed by the admin themselves.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
mprep
Diamond Member
Global Moderator
Legendary
*
Offline Offline

Activity: 2394
Merit: 1450


In a world of peaches, don't ask for apple sauce


View Profile WWW
December 14, 2017, 01:11:59 PM
 #2

There is no email confirmation (you can set your email to pretty much anything AFAIK). Ask theymos why; I'm not quite sure myself. It'd stop most of these recent hacks.

Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
December 14, 2017, 01:45:35 PM
 #3

There is no email confirmation (you can set your email to pretty much anything AFAIK). Ask theymos why; I'm not quite sure myself. It'd stop most of these recent hacks.

I found this previous post by theymos himself on email security notification @ https://bitcointalk.org/index.php?topic=2282758

I added email notifications for some security events:

Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

Let me know if you find any bugs.

Are you telling me this email security notification was just a show (i.e. lip service)? And that nothing significant was really implemented / put in place to secure the account?

My goodness. How deep does the admins' corruption goes.
mprep
Diamond Member
Global Moderator
Legendary
*
Offline Offline

Activity: 2394
Merit: 1450


In a world of peaches, don't ask for apple sauce


View Profile WWW
December 14, 2017, 01:52:34 PM
 #4

There is no email confirmation (you can set your email to pretty much anything AFAIK). Ask theymos why; I'm not quite sure myself. It'd stop most of these recent hacks.

I found this previous post by theymos himself on email security notification @ https://bitcointalk.org/index.php?topic=2282758

I added email notifications for some security events:

Whenever your password is changed (except by an administrator), you will get an email about it.

Whenever your email is changed (except by an administrator), your old email will get an email about it with a link to lock your account. The link is valid for 14 days.

Let me know if you find any bugs.

Are you telling me this email security notification was just a show (i.e. lip service)? And that nothing significant was really implemented / put in place to secure the account?

My goodness. How deep does the admins' corruption goes.
As it's written within the thread, it notifies a user and allows him to block the account within 14 days. Afterwhich the user has to go through the stickied procedure (signed message) to recover their account.

Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
December 14, 2017, 01:54:06 PM
 #5

As it's written within the thread, it notifies a user and allows him to block the account within 14 days.

Why then do we still see accounts getting hacked and the original owners reporting the hacks here?
mprep
Diamond Member
Global Moderator
Legendary
*
Offline Offline

Activity: 2394
Merit: 1450


In a world of peaches, don't ask for apple sauce


View Profile WWW
December 14, 2017, 02:00:38 PM
 #6

As it's written within the thread, it notifies a user and allows him to block the account within 14 days.

Why then do we still see accounts getting hacked and the original owners reporting the hacks here?
Because they either haven't checked their email, have checked it after the 14 days have passed, have set their email to a random bit of text / lost access over their email account, had their account hacked before the notification was implemented or blocked it via the aforementioned means and have not posted / PMed a BTC address or PGP public key in order to recover it.

Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
December 14, 2017, 02:11:49 PM
 #7

Because they either haven't checked their email, have checked it after the 14 days have passed, have set their email to a random bit of text / lost access over their email account, had their account hacked before the notification was implemented or blocked it via the aforementioned means and have not posted / PMed a BTC address or PGP public key in order to recover it.

Since I never stake any bitcoin address here, so I guess my hacked account is 100% unrecoverable.
Yes, I can email/pm theymos and every other person in charge but I don't think they will entertain me.

They will probably laugh in their hearts and say within themselves, "Ha ha haaa, serves you right, Dorky, for not staking your bitcoin address here. Tough luck for you. There is nothing I can/will do about it."
ibminer
Legendary
*
Offline Offline

Activity: 1366
Merit: 1373


Goonies never say die.


View Profile
December 14, 2017, 02:27:48 PM
 #8

If you had never posted a BTC address in the past on that account, you are not likely to get it recovered. However, the account does appear to have changed hands to me and I've left feedback to warn others.

:-: Bitcointalk Public Information Project (BPIP) New stats, new reports, and a new design(done by me. Smiley)
Don't be obsessed with your desires. The Zen philosopher Basho once wrote, 'A flute with no holes, is not a flute... and a donut with no hole, is a Danish.' He was a funny guy.
Dorkie
Member
**
Offline Offline

Activity: 364
Merit: 13


View Profile
December 14, 2017, 02:29:57 PM
 #9

If you had never posted a BTC address in the past on that account, you are not likely to get it recovered. However, the account does appear to have changed hands to me and I've left feedback to warn others.

Thank you, thank you, thank you, thank you, thank you, and thank you for your gesture of support.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!