GSC has been hacked
Johan:
Quote from: J. M. Pescado on 2010 January 13, 17:02:21
A false flag operation is when you covertly attack your own side and frame the other side for the act. Coconut is more into "wild speculation based on the available information" and does not have the technical ability or access to stage a false flag operation against anyone.
And when the information available isn't interesting enough she can get really creative and just make things up. A false flag operation from that end wouldn't surprise me the least if she had the opportunity. Like for example if she got a hold of the petition.
It's interesting that the incriminating evidence she claims to have still hasn't shown up.
Quote from: J. M. Pescado on 2010 January 13, 17:02:21
What sort of "signs"? Merely logins from strange IPs? That could even be Thomas himself checking whether the proxy is working. While Thomas remains the main suspect for the rogue operator who released the information, it could also be someone else. And not all of your DB administrators are fambly, either, apparently. Either way, no matter what happened, SOMEONE leaked the DB information, and the only person who could have done that is a DB administrator. That, or you are postulating the existence of someone who is simultaneously skilled enough to discover and use an exploit in nonstandard software (ruling out script-kiddy public exploits), steal your password database, and inept enough to attempt manual wiping of forum posts as a user, a combination of "extremely skilled" and "extremely stupid, short-sighted, and inefficient" that is completely devoid of internal consistency regardless of what political motivations you wish to ascribe to them.
There were items in his download basket that he didn't put there. Unfortunately our login log has been purged so i can't investigate it any further now.
That login information leaked from the TSR database via some kind of exploit or compromised account is one possibility but there could be other explanations to this.
I don't _know_ exactly what happened and it annoys me a great deal.
Thomas don't have the knowledge to perform such operations without leaving a trace and my fellow sysadmin is also out of the question, even if he would have the technical skills required.
To think that one of the owners of TSR (who are the only ones with access to the member database) leaked login information is just not realistic. I know how we think and operate.
J. M. Pescado:
Quote from: Johan on 2010 January 13, 18:32:02
And when the information available isn't interesting enough she can get really creative and just make things up.
I have not seen anything "made up" except theories. Certainly there has been no fabrication of actual EVIDENCE. And everyone is entitled to crackpot theories, after all. Sometimes they're even right.
Quote from: Johan on 2010 January 13, 18:32:02
A false flag operation from that end wouldn't surprise me the least if she had the opportunity. Like for example if she got a hold of the petition.
It's interesting that the incriminating evidence she claims to have still hasn't shown up.
Which incriminating evidence? I haven't seen any "claims".
Quote from: Johan on 2010 January 13, 18:32:02
There were items in his download basket that he didn't put there. Unfortunately our login log has been purged so i can't investigate it any further now.
I fail to see how that is meaningful. Any number of reasons could cause items to be added to a computerized download basket. Technical glitches, misclicks, or he could simply have forgotten. This happens all the time.
Quote from: Johan on 2010 January 13, 18:32:02
That login information leaked from the TSR database via some kind of exploit or compromised account is one possibility but there could be other explanations to this.
I don't _know_ exactly what happened and it annoys me a great deal.
Well, TSR's code is nonstandard. It's not an off-the-shelf component, and as such, is largely immune to attack by common script-kiddies. That means you're going to need some degree of actual wizardry to find and use an exploit. Let us postulate that such a event occurred and resulted in this outside party acquiring your DB. Why, then, is this same party using the access they have gained from it in such an inept, hamfisted way that is utterly inconsistent with anything a wizard would do? Wizards do not concern themselves with anything as boring and drudgerous as manually deleting posts off a site thread by thread. That would be stupid. A wizard would just drop the entire database in a single command. Or steal it and leave silently, without anything to indicate that something was amiss. That is how a wizard would operate. Given that this behavior is completely inconsistent with a wizard, and NO wizard would EVER do such a thing, we must consider the only other alternate hypothesis: An administrative user did so.
Quote from: Johan on 2010 January 13, 18:32:02
Thomas don't have the knowledge to perform such operations without leaving a trace and my fellow sysadmin is also out of the question, even if he would have the technical skills required.
You may very well be right. Maybe they don't have the knowledge to perform such an operation without leaving a trace...and guess what? They didn't. From your own testimony, big, fat, sloppy traces were left everywhere. Not traces solid enough to prove that one of them specifically did it, for whoever did it DID try to cover their tracks, but clearly, enough to reveal that one of them DID do it.
Quote from: Johan on 2010 January 13, 18:32:02
To think that one of the owners of TSR (who are the only ones with access to the member database) leaked login information is just not realistic. I know how we think and operate.
And yet you are left with a conundrum: You agree that TSR owners are the only ones with access to the member database. Yet, information from that database was leaked. Obviously, one of these must be false: Either TSR owners are not the only ones with access to the database, or you don't know how they REALLY think and operate.
I, on the other hand, know security. I know that in order to accomplish sucha thing WITHOUT authorized access to the database, one would have to be a wizard. This individual would have to have a decent understanding of PHP and SQL injection. He would have to understand this subject matter enough that he could devise his own attacks, for TSR is not stock code and cannot be attacked by script-kiddy methods. Having thus the ABILITY to gain access to the DB, he would then need to know exactly what to look for in the DB, and then, having found that information, he would need a motive and opportunity to USE it. Now, I know wizards. Wizards are very tight with the information they illicitly gain. They do not squander it casually, especially when it is so hard-won, and certainly are not inclined to allow mere hoi polloi to play with it, especially not in such a clumsy and amateurish fashion. So I argue that it is clear a wizard did not do this. Do you dispute this argument?
Inge:
Quote from: J. M. Pescado on 2010 January 13, 19:05:45
Yet, information from that database was leaked.
Pescado this is no longer in question. Johan and Thomas have both openly stated that TSR admins (I think the actual agent was Steve) shared information from the database with a group of TSR artists, supposedly to boost their morale that was low due to having their work "stolen". I am not sure what it was *intended* they should do with the information. In Thomas's case he still thinks it was correct to have done this. In Johan's case he's not so sure. We haven't heard from Steve to find out how he feels about it now.
Johan:
Quote from: Inge on 2010 January 13, 19:55:42
Quote from: J. M. Pescado on 2010 January 13, 19:05:45
Yet, information from that database was leaked.
Pescado this is no longer in question. Johan and Thomas have both openly stated that TSR admins (I think the actual agent was Steve) shared information from the database with a group of TSR artists, supposedly to boost their morale that was low due to having their work "stolen". I am not sure what it was *intended* they should do with the information. In Thomas's case he still thinks it was correct to have done this. In Johan's case he's not so sure. We haven't heard from Steve to find out how he feels about it now.
Not quite, the actual agents were Thomas and me. We posted names of pirates we caught by the watermark in a private forum.
The intention was somewhere in the line of a morale boost for our artist showing them we were able to do something about the pirate problem.
In all fairness Steve had nothing to do with it.
The watermarking was quite successful until Pescado ruined it all by cleaning the files before putting them in the booty.
Yes publishing names was short sighted, morally wrong and unthoughtful.
It happened but if i can help it it will not happen again.
Anyway, this is completely unrelated to the events we debate now.
Pescado firmly believes that the only way someone could have "hacked" Buggybooz account on MTS would be that the hacker got the password from the TSR database, this is the leak in question.
Inge:
Johan, the screenshots of the chat I saw where artists were being given details of some users it was Steve with them, I am sure. This was a chat not a forum.
Navigation
[0] Message Index
[#] Next page
[*] Previous page