Clarification as to the Reason why the Forum was down for ~5 Days

[ForceField]

Theymos, it would be nice to hear an update as to:

1) Why it took this long of downtime to identify and fix the problem and what steps were needed to address all of the issues?

2) What protection have you implemented (or plan to implement) to prevent further such attacks in the future?

3) If, as you mentioned in the Reddit thread, the hack was caused by a vulnerability in the news section of this website, then maybe it would be better to remove the news section entirely?

I am glad that the BitcoinTalk forum is back up and I am sure that I was not the only one suffering while it was unavailable.


Also this was the email I received on 10/3/2013 after the forum was offline:
Subject: Bitcoin Forum Compromised

-----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256

 Unfortunately, it was recently discovered that the Bitcoin Forum's server
 was compromised. It is currently believed that the attacker(s) *could* have
 accessed the database, but at this time it is unknown whether they actually did
 so. If they accessed the database, they would have had access to all
 personal messages, emails, and password hashes. To be safe, it is
 recommended that all Bitcoin Forum users consider any password used
 on the Bitcoin Forum in 2013 to be insecure: if you used this
 password on a different site, change it. When the Bitcoin Forum
 returns, change your password.

 Passwords on the Bitcoin Forum are hashed with 7500 rounds of
 sha256crypt. This is very strong. It may take years for
 reasonably-strong passwords to be cracked. Even so, it is best to
 assume that the attacker will be able to crack your passwords.

 The Bitcoin Forum will return within the next several days after a
 full investigation has been conducted and we are sure that this
 problem cannot recur.

 Check http://www.reddit.com/r/Bitcoin/ and #bitcoin on Freenode for
 more info as it develops.

 We apologize for the inconvenience.

 -----BEGIN PGP SIGNATURE-----

 iF4EAREIAAYFAlJNCE8ACgkQxlVWk9q1kecABgD9H5sbb0DopdLsODAmv6LWmIaW
 kgfyYTlh8GezYbYx7c8A/iTh0/DCwaXuNKK/qUWpewR/L6HEOuAqa/ML1D+K9mZc
 =1NYs
 -----END PGP SIGNATURE-----

[1715390305]

1715390305

[1715390305]

1715390305

[1715390305]

1715390305

[1715390305]

1715390305

[1715390305]

1715390305

[DPoS]

I am sure that I was not the only one suffering while it was unavailable.

lulz troll withdrawal is a terrible thing!!

[favdesu]

maybe a global "change your password" message would be helpful

[Tomatocage]

maybe a global "change your password" message would be helpful

The news banner is probably disabled since it's suspect in whatever attack vector the hax0r used.

[DPoS]

maybe a global "change your password" message would be helpful

if they can use people's passwords then it would be too late anyway..  you know they would be on watch for the board to be back up before 99% of the users would know

[Maged]

maybe a global "change your password" message would be helpful

if they can use people's passwords then it would be too late anyway..  you know they would be on watch for the board to be back up before 99% of the users would know

Not really. It will take awhile to crack the passwords, so they would start with the high-value targets.

That being said, it's not worse than before. For the last several months, the hackers had access to any account they pleased.

[MrHempstock]

That being said, it's not worse than before. For the last several months, the hackers had access to any account they pleased.

Since 2011.

[Maged]

That being said, it's not worse than before. For the last several months, the hackers had access to any account they pleased.

Since 2011.

Some of us were still out of the loop 

[MrHempstock]

No worries!

But that is a much longer time to tackle those PWs. Finally a reason to be glad I'm not one of the BTC-laden early adopters (target)

[BorderBits]

It was the same person who did the CosbyCoin hack and they used the same exploit. . lol!  Guaranteed it will happen again, too.  What exactly has Theymos done with the tens of thousands of dollars donated to this forum?? ? ? ?

[bitspill]

maybe a global "change your password" message would be helpful

The news banner is probably disabled since it's suspect in whatever attack vector the hax0r used.

But it's not

News: Change your forum password