smeagol (OP)
Legendary
Offline
Activity: 1008
Merit: 1005
|
|
December 02, 2013, 01:53:00 AM |
|
Hello
Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.
Thanks
edit: For me the forum was down for most of the day, so this post is my first login today.
|
|
|
|
gmaxwell
Staff
Legendary
Offline
Activity: 4270
Merit: 8805
|
|
December 02, 2013, 04:17:08 AM |
|
Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.
unfortunately the forum can't know. E.g. you could have attempted to log in, it could have been intercepted by the attacker, and then the account could have just appeared down for you.
|
|
|
|
extortion
|
|
December 02, 2013, 04:20:57 AM |
|
i tried to tell theymos a week or two ago i thought the security of the site had been compromised again. of course, i was speaking to a brickwall the entire time.
EDIT: btw, its me r3wt. i refuse to login under my normal username for the time being,
|
Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
December 02, 2013, 04:24:34 AM |
|
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,
Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
December 02, 2013, 04:40:12 AM |
|
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)
Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.
|
|
|
|
extortion
|
|
December 02, 2013, 05:14:31 AM |
|
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)
Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay. LoL
|
Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
|
|
|
extortion
|
|
December 02, 2013, 05:15:39 AM |
|
even if our password is password?
|
Extortion. We are Anonymous. We are legion. We do not forgive. We Do Not Forget. Expect Us.
|
|
|
Mylon
Full Member
Offline
Activity: 140
Merit: 100
Mining FTW
|
|
December 02, 2013, 05:17:35 AM |
|
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,
Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time). It's Dec 2 6am here, so most likely that was the time of writing in his/her local time. If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)
Wow - I am communicating with someone from the future! As I have checked and verified the certificate's fingerprint then I am assuming that I am okay. There was confusion about the end time, (yes the end time is in the future, you should not login until then)
|
"All Your Base Are Belong To Us" by CATS
|
|
|
Rannasha
|
|
December 02, 2013, 08:03:18 AM |
|
If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,
Was this written from someone in the future? It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time). Updated DNS records may need time to properly propagate, so it's possible that there are still people out there being served the phishing site. Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.
|
|
|
|
CIYAM
Legendary
Offline
Activity: 1890
Merit: 1086
Ian Knowles - CIYAM Lead Developer
|
|
December 02, 2013, 08:34:25 AM |
|
Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.
Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).
|
|
|
|
smeagol (OP)
Legendary
Offline
Activity: 1008
Merit: 1005
|
|
December 02, 2013, 08:26:03 PM |
|
Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.
Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed). I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right?
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1280
May Bitcoin be touched by his Noodly Appendage
|
|
December 02, 2013, 09:25:45 PM |
|
Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.
Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed). I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right? It should be ok Check the fingerprint to be sure
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5376
Merit: 13407
|
|
December 02, 2013, 09:27:04 PM |
|
I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right?
No. http://109.201.133.195/ is just a redirection. https://109.201.133.195/ will get you the site, but you'll get a certificate error, and I don't think that the site works properly if you use a non-standard "domain".
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Raize
Donator
Legendary
Offline
Activity: 1419
Merit: 1015
|
|
December 02, 2013, 09:38:31 PM |
|
I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then.
|
|
|
|
smeagol (OP)
Legendary
Offline
Activity: 1008
Merit: 1005
|
|
December 02, 2013, 10:57:52 PM |
|
It should be ok Check the fingerprint to be sure
Whew, thanks I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. Haha. http://en.wikipedia.org/wiki/Tinfoil_Hat_Linux
|
|
|
|
sdp
|
|
December 03, 2013, 03:02:22 AM |
|
Hello
Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.
Thanks
edit: For me the forum was down for most of the day, so this post is my first login today.
See your browser's history.
|
Coinsbank: Left money in their costodial wallet for my signature. Then they kept the money.
|
|
|
|