PMBD PMBD
Welcome, Guest. Please login or register.
2024 November 24, 19:12:49

Login with username, password and session length
Search:     Advanced search
138712 Posts in 1637 Topics by 5295 Members
Latest Member: ImaginaryPorkchop
* Home Help Search Calendar Login Register
+  PMBD
|-+  The Pirate Ship
| |-+  ARR!
| | |-+  TSR: In Ur Accounts, Deletin Ur Stuffs!
0 Members and 2 Chinese Bots are viewing this topic. « previous next »
Pages: 1 ... 22 23 [24] 25 26 ... 185 THANKS THIS IS GREAT Print
Author Topic: TSR: In Ur Accounts, Deletin Ur Stuffs!  (Read 984198 times)
raebchen
ARR!

Posts: 69



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #345 on: 2009 March 31, 18:06:46 »
THANKS THIS IS GREAT

Them using your complaints about breaches to support their claim it has really happened...

I don't see how that confirms it.  I think the idea is to say, "Hey, we heard you're claiming a breech in security that happened several months ago.  Why weren't we informed?  Why weren't we told to change our password?

If TSR says, "Noo, there was no breech," then they'll be also admitting they lied to Delphy.

if TSR says, "Well, there was a breech..." then they still have to explain why none of their valued customers and members were given any instructions on how to keep themselves safe.  TSR asks for a lot of personal information, if they were hacked, they have an obligation to warn people so they will know to change passwords and any other sensitive information.

Yes, telling them to change personal information after a hack is rather like locking the barn after the horse escaped, but telling them to change their password to a new one is not and is the only decent thing to do after a breech.  They didn't do that, they have some 'splainin' to do.

Thanks Darqstar, I've been trying to say what I meant in another way and you just did it perfectly.
Logged

Official member of the "army of disillusioned miscreants" and proud of it! *waves at Thomass*
Anouk
ARR!

Posts: 1782


Inactive


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #346 on: 2009 March 31, 18:09:49 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue
Logged

Inactive
Delphy
ARR!

Posts: 103


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #347 on: 2009 March 31, 18:18:05 »
THANKS THIS IS GREAT

Okay this is gonna be long and slightly repeating myself here.  So here goes.

First, the screenshot from Sinthe:



As I have said, none of the IPs marked there are logged against Thomas' account on MTS2.  Let's examine this:

mysql> select * from iplogtable left join user on (user.userid=iplogtable.userid) where iplogtable.ipaddress in ('75.168.197.143', '75.168.189.143', '78.129.197.69', '83.142.228.139', '75.168.199.213');

+--------------+----------------+----------------------------------------------------------------------------------------------------------+
| username     | ipaddress      | info                                                                                                     |
+--------------+----------------+----------------------------------------------------------------------------------------------------------+
| Sinthe       | 75.168.199.213 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4 Creative ZENcast v2.01.01 |
| Sinthe       | 75.168.197.143 | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4               |
| sherriesim   | 83.142.228.139 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7)    |
| Sinthe       | 75.168.189.143 | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4               |
| Adele Somers | 83.142.228.139 | Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB5; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30) |
| leftywillnot | 83.142.228.139 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7)                |
+--------------+----------------+----------------------------------------------------------------------------------------------------------+

Now let's examine the other IP addresses used for NaturalSims:

+------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| username         | ipaddress     | info                                                                                                                                                                                                    |
+------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| xxxx         | 70.85.179.186 | Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9) Gecko/2008052906 Firefox/3.0 (de) (TL-FF)                                                                                                          |
| yyyy | 70.85.197.178 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0                                                                                                                    |
| yyyy | 70.85.179.186 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9) Gecko/2008052906 Firefox/3.0                                                                                                                    |
| zzzz            | 70.85.197.178 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; Sky Broadband; Sky Broadband)                                                                                 |
| aaaa        | 70.85.197.178 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.3                                                                                                              |
| bbbb         | 70.85.179.186 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5                                                                                                              |
| bbbb         | 70.85.179.186 | Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.5) Gecko/2008120122 Firefox/3.0.5                                                                                                              |
| ccccc        | 70.85.197.178 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Foxy/1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Foxy/1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; MAXTHON 2.0) |
| dddd   | 70.85.197.178 | Mozilla/5.0 (Windows; U; Windows NT 5.1; cs; rv:1.9.0.6) Gecko/2009011913 Firefox/2.0.0.3                                                                                                               |
| buggybooz        | 70.85.179.186 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7)                                                                                                   |
| Hamilton         | 70.85.179.186 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7)                                           
| leftywillnot | 70.85.197.178 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
                                                      |
+------------------+---------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

(I've blanked out the names of the other people using these same IPs. None of them are particularly stand outworthy).  The interesting ones are the ones that share the same IP and the same browser info.

Let's look at that browser string, too, since it's fairly uncommon:

+------------+----------------+-------------------------------------------------------------------------------------------------------+
| username   | ipaddress      | info                                                                                                  |
+------------+----------------+-------------------------------------------------------------------------------------------------------+
| sherriesim | 87.194.217.73  | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| sherriesim | 83.142.228.139 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| sherriesim | 90.212.232.224 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| buggybooz  | 70.85.179.186  | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| Hamilton   | 70.85.179.186  | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| leftywillnot | 70.85.197.178  | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| leftywillnot | 83.142.228.139 | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
| leftywillnot | 70.85.197.178  | Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; FDM; ImageShack Toolbar 4.5.7) |
+------------+----------------+-------------------------------------------------------------------------------------------------------+

The date on the IP address usage on Thomas' MTS2 account was a few hours *after* the intrusion on buggy's account.  So whoever it was logged into buggy's account *first* and then logged into Thomas' after (not the other way around).  This could be for one of two reasons: Either they wanted to check everything out from a "normal" users perspective to make sure everything of buggys was gone, or they wanted to deliberately create a link between the two.

With regards to the security thing, and the timings, I do think that it's *very* suspicious that somebody would keep ahold of user account logins for *months* and not use them and then only use them now and *also*, at the end of it all, change buggys profile to a pro paysite friendly one.  This last act is the one that suggests it's more personal, rather than general.

Also as an update, according to Steve they investigated the item, confirmed it was the same, and have since removed it in the past couple hours.  Since I don't have a TSR account I obviously can't check. Smiley

Edited to add info from S2C.
« Last Edit: 2009 March 31, 18:30:19 by Delphy » Logged
Darqstar
ARR!

Posts: 1269


Somehow Involved.


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #348 on: 2009 March 31, 18:20:43 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue

Oh, I agree, which is exactly why they're claiming this whole, "Hey giuz, we haxed! ONOES!"   But, as a former subscriber to TSR, I'd be more worried personally if there was a hacker.  I exchanged PM's with some folks that had some sensitive information that I stored.  I blithely gave them my true name and address, because I thought in order to subscribe, the information on your profile had to match the information given to the credit card company.

So, while to the community it would look better to have been hacked, to each individual, it could be a very different story.  If someone hacked into TSR and I wasn't notified?  If I still had all the stuff I used to have?  I would be livid.  I'd be beyond livid. I would call the credit card company they use, I would flip my shit out good.  Because that's my safety they've just compromised.  

It's not that I'd blame them for being hacked even.  Mistakes can happen and no one is invulnerable.  But the fact that they didn't warn people so they could change their passwords (in case the hacker returned before security leaks were blocked)  get rid of sensitive information, and go around changing passwords at other sites that used them.  That would be a HUGE issue.  Even if I was still enchanted with TSR, I would never subscribe again, because I couldn't risk it, I couldn't risk that someone might hack TSR again and again, I'd only find out third hand.



Logged

Now with the POWAH to ruin the internet!
siberiansunset
ARR!

Posts: 252


Nimeni on Inigo Montoya...


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #349 on: 2009 March 31, 18:23:53 »
THANKS THIS IS GREAT

*snippy snip*

The date on the IP address usage on Thomas' MTS2 account was a few hours *after* the intrusion on buggy's account.  1.So whoever it was logged into buggy's account *first* and then logged into Thomas' after (not the other way around).  This could be for one of two reasons: Either they wanted to check everything out from a "normal" users perspective to make sure everything of buggys was gone, or they wanted to deliberately create a link between the two.

With regards to the security thing, and the timings, I do think that it's *very* suspicious that somebody would keep ahold of user account logins for *months* and not use them and then only use them now and *also*, at the end of it all, change buggys profile to a pro paysite friendly one.  2.This last act is the one that suggests it's more personal, rather than general.

3. Also as an update, according to Steve they investigated the item, confirmed it was the same, and have since removed it in the past couple hours.  Since I don't have a TSR account I obviously can't check. Smiley


1.Very suspect indeed.
2. I whole-heartedly agree.
3. What items were made by shakeshaft from stealing from BB, so i can check?
Logged

There's humans and monkeys and you're what God made between.
Oh yeah, SHAKESHIT IS A THIEF!
Set Them Free!
TSR Tool...
Shiny
Landlubber

Posts: 5


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #350 on: 2009 March 31, 18:25:56 »
THANKS THIS IS GREAT

From MaxoidHydra:

Hi Simmers,

We're still seeing a few off topic posts concerning TSR and a thread on MTS2. Threads about this issue will be deleted and temp bans will be given out if they continue to be posted.

If you woud like to discuss the issue, please discuss them in either the TSR or MTS2 forums.

Thanks.


HAHAHAHA. Yes, we'll take it to TSR. Why didn't I think of that, that's brilliant. What an extremely relevant response to what people have been saying on the BBS.
Logged
raebchen
ARR!

Posts: 69



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #351 on: 2009 March 31, 18:26:39 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue

I see what you're saying. I guess, the way I am seeing it is that he did attack buggybooz and MTS2, now let's cause some more butthurt, while you look at it from the view point of the greater community and those who are watching all this from the fence. For me, TSR will never look like the victim no matter what. But then again, I am not the person, that needs to be convinced of their evil doings  Cheesy
Logged

Official member of the "army of disillusioned miscreants" and proud of it! *waves at Thomass*
scrappysim
ARR!

Posts: 300



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #352 on: 2009 March 31, 18:36:16 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue

Except that as an irresponsible loser-ish fansite that allows personal information to be shared and then gets "hacked" and more personal information is acquired by someone with malicious intent they become someplace that even more people would need to protect themselves against.  The idea that they may have hacked someones profile is despicable but may not cause a big hit to their pocketbooks but if they once again cant be trusted with personal information then maybe that would be the angle to exploit to get people either to not get subs or to try to cancel current ones.  I mean people can be appalled about the behavior and not act on that but if your passwords and personal information are not safe then that seems like it might spur more action on the part of the "on the fencers" than something that only effects other people.
Logged

Live Well, Laugh Often, Love Deeply. . . . It's worth it!
Skoria_Bay
ARR!

Posts: 231


Give me a tall ship and star to sail her by


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #353 on: 2009 March 31, 18:37:13 »
THANKS THIS IS GREAT

I didn't see any pots on Shakeshaft's artist's sight. I think Steve has removed them.
Logged

Pescado: I will THROW THEM IN A VAT OF BOILING SHARKS!
mustluvcatz: So, what good would a vat of boiling sharks do? I mean, wouldn't the sharks be dead?
Pescado: SILENCE!
neriana
ARR!

Posts: 1134



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #354 on: 2009 March 31, 18:49:17 »
THANKS THIS IS GREAT


 anyone who messages the tsr will probably be ignored unless enough people do it.

Don't message TSR. Eesh. That's like calling the thief to ask him to please return what he stole.

Message Paypal. Report TSR to better business sites.
Logged

SoggyFox
ARR!

Posts: 2263


Reyn


View Profile WWW
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #355 on: 2009 March 31, 18:51:04 »
THANKS THIS IS GREAT

Yeah - I vote we, as our bans are lifted, keep posting on the BBS - or don't they want the children protected from the crooks at TSR....oh, wait.
Logged

"Try diplomacy, you can always invade them later." Pescado
www.thestormradio.com
raebchen
ARR!

Posts: 69



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #356 on: 2009 March 31, 18:52:38 »
THANKS THIS IS GREAT


 anyone who messages the tsr will probably be ignored unless enough people do it.

Don't message TSR. Eesh. That's like calling the thief to ask him to please return what he stole.

Message Paypal. Report TSR to better business sites.

Ripoffreport.com is a good one. A company I used to work for had pages of complaints there. I remember finding them and being shocked about it. Anyway, I don't think they ever delete anything on there, so it'll be up for everyone to see.


ETA: Soggyfox, I haven't been banned there yet. I suggest we alternate. Everyday someone will start a post there, so banning won't matter, as there is plenty of people here to go post over there. I'll do it tonight or tomorrow as I am off to an interview and then to work. Someone else post the day after and so on...
Logged

Official member of the "army of disillusioned miscreants" and proud of it! *waves at Thomass*
Anouk
ARR!

Posts: 1782


Inactive


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #357 on: 2009 March 31, 18:53:43 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue

Except that as an irresponsible loser-ish fansite that allows personal information to be shared and then gets "hacked" and more personal information is acquired by someone with malicious intent they become someplace that even more people would need to protect themselves against.  The idea that they may have hacked someones profile is despicable but may not cause a big hit to their pocketbooks but if they once again cant be trusted with personal information then maybe that would be the angle to exploit to get people either to not get subs or to try to cancel current ones.  I mean people can be appalled about the behavior and not act on that but if your passwords and personal information are not safe then that seems like it might spur more action on the part of the "on the fencers" than something that only effects other people.

I agree, but I don't know if the less computer savvy people - and that's a huge chunk of the populace - will be worried enough, especially if TSR apolagizes and promises to do better/ take care of it. They could feed them anything.
And going into TSR posting that - they can pick and choose what to delete and what not, and all that's left is what they want people to read.
I'd just take it to Paypal.
Logged

Inactive
scrappysim
ARR!

Posts: 300



View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #358 on: 2009 March 31, 18:57:59 »
THANKS THIS IS GREAT

As TSR you will look a whole lot better as the victim that tried to hide their shame, than the agressor that hacked several sites. But that may be just me.  Cheesy I'd rather be seen as an irrisponsible loserish fansite that can promise to do better in the future, than a hacker. Don't underestimate puppy dog eyes and pity Tongue

Except that as an irresponsible loser-ish fansite that allows personal information to be shared and then gets "hacked" and more personal information is acquired by someone with malicious intent they become someplace that even more people would need to protect themselves against.  The idea that they may have hacked someones profile is despicable but may not cause a big hit to their pocketbooks but if they once again cant be trusted with personal information then maybe that would be the angle to exploit to get people either to not get subs or to try to cancel current ones.  I mean people can be appalled about the behavior and not act on that but if your passwords and personal information are not safe then that seems like it might spur more action on the part of the "on the fencers" than something that only effects other people.

I agree, but I don't know if the less computer savvy people - and that's a huge chunk of the populace - will be worried enough, especially if TSR apolagizes and promises to do better/ take care of it. They could feed them anything.

But the ones who will believe them wont be swayed by the hacking argument either then.  I think if people think they could somehow be effected or hurt by the occurrences (even if they believe that it isn't TSR's fault) they might be more apt to do something.  If this was the first time that peoples info was shown not to be safe there then that would be one thing but how many times can TSR put people's info in jeopardy without beginning to feel it in the bottom line. 
Logged

Live Well, Laugh Often, Love Deeply. . . . It's worth it!
Anouk
ARR!

Posts: 1782


Inactive


View Profile
Re: TSR: In Ur Accounts, Deletin Ur Stuffs!
« Reply #359 on: 2009 March 31, 19:07:48 »
THANKS THIS IS GREAT

Let's hope so. But I think it will just end up being cencored like everything else.
Logged

Inactive
Pages: 1 ... 22 23 [24] 25 26 ... 185 Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.106 seconds with 20 queries.