The shoutbox is currently out of service. Join us on Discord instead.
You can help CodeWalrus stay online by donating here.

Important security notice about your CodeWalrus account

Started by DJ Omnimaga, December 06, 2015, 04:31:35 am

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

bb010g

Quote from: Cumred_Snektron on December 06, 2015, 10:20:46 am
We used KeePassX on my dad's linux computer. The problem was he deleted the database one time and said it was my own fault <_<

baaaackuuuuups

Adriweb

Yeah, I have access logs for that IP, same User agent etc.
Still doesn't tell who it actually is, though.
Co-founder & co-administrator of TI-Planet and Inspired-Lua

DJ Omnimaga

Indeed. I hope we will know one day. If the hacker has a CodeWalrus account or is on our IRC channel, so far the agreement with Street is that the user will get banned (I haven't managed to get an hold of Ivoah, Juju and Cumred about it yet). It's also possible that we start cracking down on Tor users and multi-user accounts on IRC and forums (eg banning them if they refuse to reveal who they are or to use a real IP address).

Adriweb

December 07, 2015, 04:47:52 am #18 Last Edit: December 07, 2015, 04:52:23 am by Adriweb
The obvious action would be to ban the user/ip (if he's ever found with sufficient proof), but... the problem is that if it's a proxy, more than one person could be using this IP, including legit users. And it's not like the user in question wouldn't just use yet another IP and/or account to do whatever he's doing.

In the meantime, not much is known unless some IPs in France and a user-agent.
Co-founder & co-administrator of TI-Planet and Inspired-Lua

DJ Omnimaga

YEah, if it's a proxy then that could be a problem. I remember Omni had issues with false positive bans after many spambots were IP-banned. This is why we no longer ban spambots by their IP.

Streetwalrus

Quote from: bb010g on December 07, 2015, 04:07:01 am
Quote from: Cumred_Snektron on December 06, 2015, 10:20:46 am
We used KeePassX on my dad's linux computer. The problem was he deleted the database one time and said it was my own fault <_<

baaaackuuuuups

Yup, I love that pass encrypts with PGP, I use git integration and have the store on a remote private repo and my phone as well, the only problem would be if I lost my private key.

DJ Omnimaga

Nanowar confirmed on Revsoft via news and a PM sent to me that Revsoft was attacked as well. Database was compromised.

@Juju please redo scans of the two suspicious IPs

Streetwalrus

I see both IPs in today's Nginx logs. We should disable password authentication on ssh and use only private keys.

critor

Quote from: Juju on December 07, 2015, 12:53:57 am
Well, the most recent ones, as in, the last 3 incidents or so. He knows about other sites because we told him so.


And apparently he should stop assuming and implying strange things.

We've got hacking attempts almost everyday in the logs.
It's not because he doesn't know about it that it doesn't happen.

alexgt

This is strange how multiple websites are getting hacked at the same time O.O.
It is ISIS nooooo : P

DJ Omnimaga

Could this be why ticalc.org have troubles with their login and voting system since POTY started? @Travis should run some scans

Travis

I did discover suspicious activity from 90.11.159.131 on ticalc.org yesterday. We're investigating.

Edit: We may have something official to say later, but at this point, I do strongly recommend that people consider change their ticalc.org passwords now, especially if you're using the same passwords for anything else.

KermMart̕ian

December 07, 2015, 07:21:36 pm #27 Last Edit: December 09, 2015, 02:12:24 am by KermMartian
Sorry to hear that you guys were also hit a day later by this attacker. I hope as a community we can all get to the bottom of who feels so destructively towards us.

alexgt

Well, if they blame us it doesn't mean that CW is bad it means there is a member that should be banned.

Lionel Debroux

December 07, 2015, 07:48:53 pm #29 Last Edit: December 10, 2015, 09:48:48 pm by Lionel Debroux
Quote from: KermMartian on December 07, 2015, 07:21:36 pm
Of course, this all happened after the rest of the community noted how interesting it was that CodeWalrus was spared. That's a very unfortunate coincidence.

Strongly disappointed by your first comment ever on CW, Kerm, though not surprised nowadays. You know you can be a much more useful community member than you show here.
Member of the TI-Chess Team.
Co-maintainer of GCC4TI (GCC4TI online documentation), TIEmu and TILP.
Co-admin of TI-Planet.

Powered by EzPortal