UBB/PPrune user details hacked ?
Moderator
Join Date: May 1998
Location: .
Posts: 250
Likes: 0
Received 0 Likes
on
0 Posts
.........actually what somebody has probably gone and done is to get a copy of something like 'MemoWeb 3' (yours for £29.99 from PC World) and 'grab' the whole PPRuNe (well as much as they're allowed to see, that is - e.g. the browsable page contents ).
Indeed, for all those folks who've been in receipt of 'unsolicited emails', and in particular which have apparently emanated from your PPRuNe account email address, this is almost certainly how it's been done - the download 'bot just grabs the email addresses from the PPRuNe pages and saves them to the 'bot users PC; all rather too easy really - but a far cry from being hacked.
Now w.r.t. some specifics....:
The guys I've spoken to are convinced it has been done and say that they have seen this bit of paper...... A piece of paper containing the details of nearly 35000+ PPRuNers would be quite a weighty tome !
No system is hack-proof. No software is uncrackable - if... someone wants in badly enough...... True, but why on earth would somebody want access to the details we hold, i.e. most of the email addresses we hold are so indeterminable as to be almost useless, and a lot of the other stuff in folk's profiles is about as useful as a chocolate teapot !
If someone did it just for the hell of it, because it could be done, then we'll probably never hear about it again..... I agree once again - but perhaps the bottom line is that whilst any such hack would be annoying (from a technical stand-point) - they've done no harm; Sh!t even if they crashed the server we can always rebuild it and, as mentioned above, it's not as if we have rack loads of confidential information or some such.
So perhaps a case of habeas corpus (or in plain English...... thus far, an awful lot of "If's, but's, and maybe's") ?!
Ps. Folks, perhaps this just goes to prove that you should all avail yourself of:
A). Good anti-virus software (e.g, Sophos, Norton, MacAfee) and turn it on to monitor all programs & files (inc Emails), and to update it very regularly.
B). Make use of firewall hard/software, e.g. ZoneAlarm Pro.
C). Be careful about just what details you provide about yourself over / on the web !
[ 08 July 2001: Message edited by: CrashDive ]
Indeed, for all those folks who've been in receipt of 'unsolicited emails', and in particular which have apparently emanated from your PPRuNe account email address, this is almost certainly how it's been done - the download 'bot just grabs the email addresses from the PPRuNe pages and saves them to the 'bot users PC; all rather too easy really - but a far cry from being hacked.
Now w.r.t. some specifics....:
The guys I've spoken to are convinced it has been done and say that they have seen this bit of paper...... A piece of paper containing the details of nearly 35000+ PPRuNers would be quite a weighty tome !
No system is hack-proof. No software is uncrackable - if... someone wants in badly enough...... True, but why on earth would somebody want access to the details we hold, i.e. most of the email addresses we hold are so indeterminable as to be almost useless, and a lot of the other stuff in folk's profiles is about as useful as a chocolate teapot !
If someone did it just for the hell of it, because it could be done, then we'll probably never hear about it again..... I agree once again - but perhaps the bottom line is that whilst any such hack would be annoying (from a technical stand-point) - they've done no harm; Sh!t even if they crashed the server we can always rebuild it and, as mentioned above, it's not as if we have rack loads of confidential information or some such.
So perhaps a case of habeas corpus (or in plain English...... thus far, an awful lot of "If's, but's, and maybe's") ?!
Ps. Folks, perhaps this just goes to prove that you should all avail yourself of:
A). Good anti-virus software (e.g, Sophos, Norton, MacAfee) and turn it on to monitor all programs & files (inc Emails), and to update it very regularly.
B). Make use of firewall hard/software, e.g. ZoneAlarm Pro.
C). Be careful about just what details you provide about yourself over / on the web !
[ 08 July 2001: Message edited by: CrashDive ]
Cunning Artificer
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
"Why would anyone be interested in what is in my PC?"
Because software can shuffle through a whole mass of details from a huge mass of computers quite effortlessly, mining details such as credit card numbers for example. Do you use on-line banking? Perhaps not, but lots of other people do and software can crack the passwords easily. Professional Pilots are notoriously wealthy people so pilots computers might be very interesting places to visit. If you want to open up your PC like a whore's legs to all comers, just log on to an Internet Chat session. Hackers are very interested in IRC numbers so they can track log-ons and walk straight through the open door into your files, even if you have a firewall. Get real, there's lots of stuff in your PC to attract attention. You wouldn't leave your briefcase on the front seat of your car, now would you?
Or would you?
**********************************
Through difficulties to the cinema
Because software can shuffle through a whole mass of details from a huge mass of computers quite effortlessly, mining details such as credit card numbers for example. Do you use on-line banking? Perhaps not, but lots of other people do and software can crack the passwords easily. Professional Pilots are notoriously wealthy people so pilots computers might be very interesting places to visit. If you want to open up your PC like a whore's legs to all comers, just log on to an Internet Chat session. Hackers are very interested in IRC numbers so they can track log-ons and walk straight through the open door into your files, even if you have a firewall. Get real, there's lots of stuff in your PC to attract attention. You wouldn't leave your briefcase on the front seat of your car, now would you?
Or would you?
**********************************
Through difficulties to the cinema
Cunning Artificer
Join Date: Jun 2001
Location: The spiritual home of DeHavilland
Age: 76
Posts: 3,127
Likes: 0
Received 0 Likes
on
0 Posts
Me a Professional Pilot? You're really new around here aren't you? Read my profile.
Unfortunately our knowledge of pilots' true wealth is not shared by the public. People outside aviation believe pilots are granite-jawed super-heroes who take home 250 grand every year. We aviation professionals, of course, recognise the pot-bellied grey-haired old geezers staggering to their 1990 Toyota Corollas in the car park.
Don't we?
**********************************
Through difficulties to the cinema
Unfortunately our knowledge of pilots' true wealth is not shared by the public. People outside aviation believe pilots are granite-jawed super-heroes who take home 250 grand every year. We aviation professionals, of course, recognise the pot-bellied grey-haired old geezers staggering to their 1990 Toyota Corollas in the car park.
Don't we?
**********************************
Through difficulties to the cinema
Chief Tardis Technician
Join Date: Jan 2001
Location: Western Australia S31.715 E115.737
Age: 71
Posts: 554
Likes: 0
Received 0 Likes
on
0 Posts
Tried to fire off one of those thru the net Nukes the other day, but my Virus checker wouldnt let me. The Trojans were found in the files and the checker denied access to the files as they were on a CD so couldnt be cleaned.
I also find that Zone Alarm coupled with a good anti virus Prog like VET ( www.vet.com.au ) goes a long way to stop nasties getting in.
My Kids have had their Friends try to send various bombs and trojans to my computer, (even sub7, I saw it die before it got in ) without success.
I also find that Zone Alarm coupled with a good anti virus Prog like VET ( www.vet.com.au ) goes a long way to stop nasties getting in.
My Kids have had their Friends try to send various bombs and trojans to my computer, (even sub7, I saw it die before it got in ) without success.