Go Back   English Forum Switzerland > Support > Support > Forum support  
Reply
 
Thread Tools Display Modes
  #101  
Old 19.01.2019, 16:49
3Wishes's Avatar
Moderately Amused
 
Join Date: Jul 2010
Location: Bern area
Posts: 10,596
Groaned at 77 Times in 74 Posts
Thanked 17,427 Times in 7,851 Posts
3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute
Re: Englishforum security breach?

I don't know for sure, but I have a feeling that the message is still being tweaked before it is sent out.

Now that it appears the breach is from many years ago, to me there's less of a sense of urgency. I'd guess that the admins want to get the information right, determine how many accounts to deactivate vs notify, etc. before sending out a blanket email.

You lot have all changed your passwords by now and weren't waiting on the email, right??
Reply With Quote
The following 2 users would like to thank 3Wishes for this useful post:
  #102  
Old 19.01.2019, 17:04
Banned
 
Join Date: Jan 2019
Location: close to the frontier
Posts: 1,018
Groaned at 141 Times in 86 Posts
Thanked 597 Times in 379 Posts
Clocker has become a little unpopular
Re: Englishforum security breach?

Quote:
View Post
Furthermore, all dormant accounts, those which have not logged in since 01.01.17, will be permanently deleted. The posts from deleted accounts will remain published but labelled as authored by "Guest".
That will still leave a lot of 'dormant' accounts fully active and open to abuse. Surely this should be 'since 1.1.18' ??? ...
Reply With Quote
  #103  
Old 20.01.2019, 11:03
robBob's Avatar
Forum Veteran
 
Join Date: Mar 2012
Location: Zurich
Posts: 2,397
Groaned at 45 Times in 32 Posts
Thanked 2,109 Times in 1,151 Posts
robBob has a reputation beyond reputerobBob has a reputation beyond reputerobBob has a reputation beyond reputerobBob has a reputation beyond reputerobBob has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
The following security notice is being distributed.

In an abundance of caution, we will force a reset of all user passwords sometime during 16th/17th January 2019. All users will be emailed this security notice. Furthermore, all dormant accounts, those which have not logged in since 01.01.17, will be permanently deleted. The posts from deleted accounts will remain published but labelled as authored by "Guest". A small handful of dormant accounts will be preserved for historical community reasons.

Does this imply that I am doomed to end up someday being a guest and not a ghost?


And are all legends doomed to be guested away?
Reply With Quote
The following 3 users would like to thank robBob for this useful post:
  #104  
Old 20.01.2019, 11:17
me.anon's Avatar
Forum Veteran
 
Join Date: Jan 2012
Location: thun
Posts: 2,066
Groaned at 41 Times in 30 Posts
Thanked 2,715 Times in 1,314 Posts
me.anon has a reputation beyond reputeme.anon has a reputation beyond reputeme.anon has a reputation beyond reputeme.anon has a reputation beyond reputeme.anon has a reputation beyond reputeme.anon has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
That will still leave a lot of 'dormant' accounts fully active and open to abuse. Surely this should be 'since 1.1.18' ??? ...
In any case Mr Sean Connery has had a narrow escape. Since May 2016 his only posts have been on this thread. Or maybe this is an example of an account which has been hacked, and already in use by an imposter

But I guess it would be enough simply to clear the passwords of all 'dormant' accounts and to carefully scrutinize any request from the person claiming to be the owner for a new password, especially if the the "owner" also claims no longer to have access to the Email address associated with the a account (the latter not being a foolproof test though).
__________________
If you have difficulties with a post which contains a link to a site in one of the Swiss languages, use Google Translate or your own favourite translating browser.
Reply With Quote
This user would like to thank me.anon for this useful post:
  #105  
Old 21.01.2019, 15:30
Village Idiot's Avatar
Forum Legend
 
Join Date: Jul 2009
Location: Basel
Posts: 3,623
Groaned at 33 Times in 30 Posts
Thanked 6,810 Times in 2,194 Posts
Village Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond reputeVillage Idiot has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
And are all legends doomed to be guested away?
Yes, that is my fear as well. Old conversations would lose so much of their richness if it was simply "guest" talking to "guest".
Reply With Quote
  #106  
Old 21.01.2019, 15:53
Administrator
 
Join Date: Mar 2008
Location: Munich
Posts: 214
Groaned at 44 Times in 24 Posts
Thanked 1,743 Times in 618 Posts
Editor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond repute
Re: Englishforum security breach?

Slight tweak of the plans there.

Only accounts which have never posted, and have not logged in since 01.01.18 will be deleted. This is approximately 58,000 accounts.

Users who have one or more posts to their name will not be deleted, no matter how inactive they have since become.

The pruning should happen early this week.
Reply With Quote
This user would like to thank Editor Bob for this useful post:
The following 2 users groan at Editor Bob for this post:
  #107  
Old 21.01.2019, 16:00
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

very curious,

So how does deleting old accounts solve / sort / explain / help etc etc a security breach ??

sorry but it seems like EF are totally burying their heads and trying to deflect, given the mother company is based in the EU I think editor bob you should be taking things a tad more seriously.
Reply With Quote
This user would like to thank bigblue2 for this useful post:
  #108  
Old 21.01.2019, 16:03
Administrator
 
Join Date: Mar 2008
Location: Munich
Posts: 214
Groaned at 44 Times in 24 Posts
Thanked 1,743 Times in 618 Posts
Editor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond repute
Re: Englishforum security breach?

It doesn't fix past breaches, but it reduces exposure going forward - both to the server and to the users. Your account can't be hacked if you don't have an account.
Reply With Quote
This user would like to thank Editor Bob for this useful post:
This user groans at Editor Bob for this post:
  #109  
Old 21.01.2019, 16:04
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
It doesn't prevent past breach. But it reduces exposure going forward - both to the server and to the users. Your account can't be hacked if you don't have an account.
please read back what you just posted out loud.
Reply With Quote
This user would like to thank bigblue2 for this useful post:
  #110  
Old 21.01.2019, 16:07
Administrator
 
Join Date: Mar 2008
Location: Munich
Posts: 214
Groaned at 44 Times in 24 Posts
Thanked 1,743 Times in 618 Posts
Editor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond reputeEditor Bob has a reputation beyond repute
Re: Englishforum security breach?

I often type a reply quickly then go back and fix the grammar and spelling moments after. Apologies for that.

Do you have anything helpful to add to the discussion?
Reply With Quote
The following 2 users would like to thank Editor Bob for this useful post:
The following 3 users groan at Editor Bob for this post:
  #111  
Old 21.01.2019, 16:09
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
please read back what you just posted out loud.



....slowly
Reply With Quote
This user would like to thank for this useful post:
  #112  
Old 21.01.2019, 16:13
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
I often type a reply quickly then go back and fix the grammar and spelling moments after. Apologies for that.

Do you have anything helpful to add to the discussion?
??? wow


OK, as soon as you where made aware of a potential breach a cpuple of things should have happened

1. EF taken off line while you installed the latest patches of everything
2. ALL accounts should be locked and emails sent with instruction on how to change your password to unlock your account.

these are fairly standard breach actions.

deleting old accounts??? seriously, whats the point? if they have the database and decrypted it then the horse has already bolted, they have your email, your (old*) password and your EF account details so the scam can still work.

stop pretending to do something and do something, or hire someone who can.

* maybe
Reply With Quote
The following 3 users would like to thank bigblue2 for this useful post:
  #113  
Old 21.01.2019, 16:14
Guest
 
Posts: n/a
Re: Englishforum security breach?

And what is the plan besides deleting old unused accounts?

Has a notification even gone out in any way, or do only those that stumble upon these topics have awareness?
Reply With Quote
This user would like to thank for this useful post:
  #114  
Old 21.01.2019, 16:22
Forum Legend
 
Join Date: Jun 2008
Location: Zurich
Posts: 7,814
Groaned at 282 Times in 211 Posts
Thanked 17,388 Times in 6,116 Posts
k_and_e has a reputation beyond reputek_and_e has a reputation beyond reputek_and_e has a reputation beyond reputek_and_e has a reputation beyond reputek_and_e has a reputation beyond reputek_and_e has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
Slight tweak of the plans there.

Only accounts which have never posted, and have not logged in since 01.01.18 will be deleted. This is approximately 58,000 accounts.

Users who have one or more posts to their name will not be deleted, no matter how inactive they have since become.

The pruning should happen early this week.

Would those be the accounts of spammers, of which all posts have been deleted?
Reply With Quote
The following 2 users would like to thank k_and_e for this useful post:
  #115  
Old 21.01.2019, 16:28
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Reply With Quote
  #116  
Old 21.01.2019, 16:30
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

check out some of these fines, just sayin


https://www.google.com/search?q=fine...hrome&ie=UTF-8

20,000 euro for a german forum
https://www.welivesecurity.com/2018/...ces-fine-gdpr/

got your attention yet?
Reply With Quote
  #117  
Old 21.01.2019, 17:12
krlock3's Avatar
Forum Legend
 
Join Date: Feb 2006
Location: Zürich
Posts: 3,008
Groaned at 46 Times in 33 Posts
Thanked 2,246 Times in 1,079 Posts
krlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post

OK, as soon as you where made aware of a potential breach a cpuple of things should have happened
As you say, please read what you posted out loud. I do like this new word cpuple!
Reply With Quote
This user would like to thank krlock3 for this useful post:
  #118  
Old 21.01.2019, 17:14
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,086
Groaned at 486 Times in 405 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
As you say, please read what you posted out loud. I do like this new word cpuple!
it wasn't due to any typo or grammar issues of bob's post, more that it was just total b0ll0cks
Reply With Quote
  #119  
Old 21.01.2019, 17:15
krlock3's Avatar
Forum Legend
 
Join Date: Feb 2006
Location: Zürich
Posts: 3,008
Groaned at 46 Times in 33 Posts
Thanked 2,246 Times in 1,079 Posts
krlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond reputekrlock3 has a reputation beyond repute
Re: Englishforum security breach?

How many b0ll0cks?

A cpuple?
Reply With Quote
The following 2 users would like to thank krlock3 for this useful post:
  #120  
Old 21.01.2019, 17:17
Banned
 
Join Date: Jan 2019
Location: close to the frontier
Posts: 1,018
Groaned at 141 Times in 86 Posts
Thanked 597 Times in 379 Posts
Clocker has become a little unpopular
Re: Englishforum security breach?

Quote:
View Post
Only accounts which have never posted, and have not logged in since 01.01.18 will be deleted. This is approximately 58,000 accounts.

Users who have one or more posts to their name will not be deleted, no matter how inactive they have since become.
There are really 58'000 accounts with no posts? The forum can be read without even having an account. Why would 58'000 people create accounts but never post?

How many accounts are there with at least one post?!
Reply With Quote
Reply

Tags
englishforum hack, password stolen, security breach, security password hack




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security breach: avoid buying online and using ATMs [Heartbleed Vulnerability] olygirl TV/internet/telephone 27 07.06.2014 15:10
A security breach happened at [fill in the blank aSwissInTheUS Daily life 1 21.05.2014 18:44
Major security breach at LinkedIn Castro TV/internet/telephone 13 07.06.2012 17:17
US issued card holders take note ( security breach issue ) jrspet International affairs/politics 1 31.03.2012 14:54
Guardian Jobs in UK - Security Breach transition International affairs/politics 0 26.10.2009 13:51


All times are GMT +2. The time now is 05:57.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0