Bitcoin Forum
November 08, 2024, 04:51:59 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Login history/man-in-the-middle  (Read 1320 times)
smeagol (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1005



View Profile
December 02, 2013, 01:53:00 AM
 #1

Hello

Is there a way where I can see if I logged in during the times affected by the attack?  I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.

Thanks

edit: For me the forum was down for most of the day, so this post is my first login today.
gmaxwell
Staff
Legendary
*
Offline Offline

Activity: 4270
Merit: 8805



View Profile WWW
December 02, 2013, 04:17:08 AM
 #2

Is there a way where I can see if I logged in during the times affected by the attack?  I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.
unfortunately the forum can't know. E.g. you could have attempted to log in, it could have been intercepted by the attacker, and then the account could have just appeared down for you.
extortion
Full Member
***
Offline Offline

Activity: 141
Merit: 100


View Profile
December 02, 2013, 04:20:57 AM
 #3

i tried to tell theymos a week or two ago i thought the security of the site had been compromised again. of course, i was speaking to a brickwall the entire time.

EDIT: btw, its me r3wt. i refuse to login under my normal username for the time being,

Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
December 02, 2013, 04:24:34 AM
 #4

Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
December 02, 2013, 04:40:12 AM
 #5

Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
extortion
Full Member
***
Offline Offline

Activity: 141
Merit: 100


View Profile
December 02, 2013, 05:14:31 AM
 #6

Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.


 Cheesy LoL

Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
extortion
Full Member
***
Offline Offline

Activity: 141
Merit: 100


View Profile
December 02, 2013, 05:15:39 AM
 #7

even if our password is password?

Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
Mylon
Full Member
***
Offline Offline

Activity: 140
Merit: 100

Mining FTW


View Profile
December 02, 2013, 05:17:35 AM
 #8

Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).

It's Dec 2 6am here, so most likely that was the time of writing in his/her local time.
Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.

There was confusion about the end time, (yes the end time is in the future, you should not login until then)

"All Your Base Are Belong To Us" by CATS
Rannasha
Hero Member
*****
Offline Offline

Activity: 728
Merit: 500


View Profile
December 02, 2013, 08:03:18 AM
 #9

Code:
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).


Updated DNS records may need time to properly propagate, so it's possible that there are still people out there being served the phishing site.

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.
CIYAM
Legendary
*
Offline Offline

Activity: 1890
Merit: 1086


Ian Knowles - CIYAM Lead Developer


View Profile WWW
December 02, 2013, 08:34:25 AM
 #10

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
smeagol (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1005



View Profile
December 02, 2013, 08:26:03 PM
 #11

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).


I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock.  It's safe then, right?
jackjack
Legendary
*
Offline Offline

Activity: 1176
Merit: 1280


May Bitcoin be touched by his Noodly Appendage


View Profile
December 02, 2013, 09:25:45 PM
 #12

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).


I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock.  It's safe then, right?

It should be ok
Check the fingerprint to be sure

Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2
Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13407


View Profile
December 02, 2013, 09:27:04 PM
 #13

I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock.  It's safe then, right?

No. http://109.201.133.195/ is just a redirection. https://109.201.133.195/ will get you the site, but you'll get a certificate error, and I don't think that the site works properly if you use a non-standard "domain".

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Raize
Donator
Legendary
*
Offline Offline

Activity: 1419
Merit: 1015


View Profile
December 02, 2013, 09:38:31 PM
 #14

I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. Undecided
smeagol (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1005



View Profile
December 02, 2013, 10:57:52 PM
 #15

It should be ok
Check the fingerprint to be sure

Whew, thanks

I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. Undecided

Haha.  http://en.wikipedia.org/wiki/Tinfoil_Hat_Linux
sdp
Sr. Member
****
Offline Offline

Activity: 469
Merit: 281



View Profile WWW
December 03, 2013, 03:02:22 AM
 #16

Hello

Is there a way where I can see if I logged in during the times affected by the attack?  I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.

Thanks

edit: For me the forum was down for most of the day, so this post is my first login today.

See your browser's history.

Coinsbank: Left money in their costodial wallet for my signature.  Then they kept the money.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!