Join us on Discord!
You can help CodeWalrus stay online by donating here.

Important security notice about your CodeWalrus account

Started by Dream of Omnimaga, December 06, 2015, 04:31:35 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

bb010g

Quote from: Cumred_Snektron on December 06, 2015, 10:20:46 AM
We used KeePassX on my dad's linux computer. The problem was he deleted the database one time and said it was my own fault <_<
baaaackuuuuups
  • Calculators owned: HP 50g, Prime, 28S, 35S, Casio Prizm, dead Nspire CX CAS

Adriweb

Yeah, I have access logs for that IP, same User agent etc.
Still doesn't tell who it actually is, though.
  • Calculators owned: TI-Nspire CX CAS, TI-Nspire CX, TI-Nspire CAS (x3), TI-Nspire (x2), TI-Nspire CM-C CAS, TI-Nspire CAS+, TI-80, TI-82 Stats.fr, TI-82 Plus, TI-83 Plus, TI-83 Plus.fr USB, TI-84+, TI-84+ Pocket SE, TI-84+ C Silver Edition, TI-84 Plus CE, TI-89 Titanium, TI-86, TI-Voyage 200, TI-Collège Plus, TI-Collège Plus Solaire, 3 HP, some Casios
Co-founder & co-administrator of TI-Planet and Inspired-Lua

Dream of Omnimaga

Indeed. I hope we will know one day. If the hacker has a CodeWalrus account or is on our IRC channel, so far the agreement with Street is that the user will get banned (I haven't managed to get an hold of Ivoah, Juju and Cumred about it yet). It's also possible that we start cracking down on Tor users and multi-user accounts on IRC and forums (eg banning them if they refuse to reveal who they are or to use a real IP address).
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Adriweb

#18
The obvious action would be to ban the user/ip (if he's ever found with sufficient proof), but... the problem is that if it's a proxy, more than one person could be using this IP, including legit users. And it's not like the user in question wouldn't just use yet another IP and/or account to do whatever he's doing.

In the meantime, not much is known unless some IPs in France and a user-agent.
  • Calculators owned: TI-Nspire CX CAS, TI-Nspire CX, TI-Nspire CAS (x3), TI-Nspire (x2), TI-Nspire CM-C CAS, TI-Nspire CAS+, TI-80, TI-82 Stats.fr, TI-82 Plus, TI-83 Plus, TI-83 Plus.fr USB, TI-84+, TI-84+ Pocket SE, TI-84+ C Silver Edition, TI-84 Plus CE, TI-89 Titanium, TI-86, TI-Voyage 200, TI-Collège Plus, TI-Collège Plus Solaire, 3 HP, some Casios
Co-founder & co-administrator of TI-Planet and Inspired-Lua

Dream of Omnimaga

YEah, if it's a proxy then that could be a problem. I remember Omni had issues with false positive bans after many spambots were IP-banned. This is why we no longer ban spambots by their IP.
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

novenary

Quote from: bb010g on December 07, 2015, 04:07:01 AM
Quote from: Cumred_Snektron on December 06, 2015, 10:20:46 AM
We used KeePassX on my dad's linux computer. The problem was he deleted the database one time and said it was my own fault <_<
baaaackuuuuups
Yup, I love that pass encrypts with PGP, I use git integration and have the store on a remote private repo and my phone as well, the only problem would be if I lost my private key.

Dream of Omnimaga

Nanowar confirmed on Revsoft via news and a PM sent to me that Revsoft was attacked as well. Database was compromised.

@Juju please redo scans of the two suspicious IPs
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

novenary

I see both IPs in today's Nginx logs. We should disable password authentication on ssh and use only private keys.

critor

Quote from: Juju on December 07, 2015, 12:53:57 AM
Well, the most recent ones, as in, the last 3 incidents or so. He knows about other sites because we told him so.

And apparently he should stop assuming and implying strange things.

We've got hacking attempts almost everyday in the logs.
It's not because he doesn't know about it that it doesn't happen.

alexgt

This is strange how multiple websites are getting hacked at the same time O.O.
It is ISIS nooooo : P
  • Calculators owned: Ti-84+, Ti-Nspire, Hp Prime, Broken HP Prime, HP 48SX

Dream of Omnimaga

Could this be why ticalc.org have troubles with their login and voting system since POTY started? @Travis should run some scans
  • Calculators owned: TI-82 Advanced Edition Python TI-84+ TI-84+CSE TI-84+CE TI-84+CEP TI-86 TI-89T cfx-9940GT fx-7400G+ fx 1.0+ fx-9750G+ fx-9860G fx-CG10 HP 49g+ HP 39g+ HP 39gs (bricked) HP 39gII HP Prime G1 HP Prime G2 Sharp EL-9600C
  • Consoles, mobile devices and vintage computers owned: Huawei P30 Lite, Moto G 5G, Nintendo 64 (broken), Playstation, Wii U

Travis

I did discover suspicious activity from 90.11.159.131 on ticalc.org yesterday. We're investigating.

Edit: We may have something official to say later, but at this point, I do strongly recommend that people consider change their ticalc.org passwords now, especially if you're using the same passwords for anything else.
  • Calculators owned: TI-81, TI-82, TI-85, TI-86, TI-89, TI-89 Titanium, 2 × HP 50g

KermMart̕ian

#27
Sorry to hear that you guys were also hit a day later by this attacker. I hope as a community we can all get to the bottom of who feels so destructively towards us.

alexgt

Well, if they blame us it doesn't mean that CW is bad it means there is a member that should be banned.
  • Calculators owned: Ti-84+, Ti-Nspire, Hp Prime, Broken HP Prime, HP 48SX

Lionel Debroux

#29
Quote from: KermMartian on December 07, 2015, 07:21:36 PM
Of course, this all happened after the rest of the community noted how interesting it was that CodeWalrus was spared. That's a very unfortunate coincidence.
Strongly disappointed by your first comment ever on CW, Kerm, though not surprised nowadays. You know you can be a much more useful community member than you show here.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TIEmu and TILP.
Co-admin of TI-Planet.

Powered by EzPortal