Go Back   English Forum Switzerland > Support > Support > Forum support  
Reply
 
Thread Tools Display Modes
  #121  
Old 21.01.2019, 18:20
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,082
Groaned at 484 Times in 403 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
How many b0ll0cks?

A cpuple?
you are editor bob and ICMFP

way to deflect attention from the issue, focus on a typo
<slow clap>
Reply With Quote
  #122  
Old 21.01.2019, 18:49
curley's Avatar
Forum Legend
 
Join Date: Oct 2006
Location: canton ZH
Posts: 13,132
Groaned at 218 Times in 182 Posts
Thanked 15,264 Times in 7,847 Posts
curley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
There are really 58'000 accounts with no posts? The forum can be read without even having an account. Why would 58'000 people create accounts but never post?

How many accounts are there with at least one post?!
You can find out yourself by going through each and every account on here.
That should keep you busy for a while.

Let us know how many. And maybe how many with 5 posts too?
Reply With Quote
  #123  
Old 21.01.2019, 18:54
Spinal's Avatar
Forum Veteran
 
Join Date: Dec 2016
Location: Zurich
Posts: 1,492
Groaned at 11 Times in 10 Posts
Thanked 1,481 Times in 647 Posts
Spinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond repute
Re: Englishforum security breach?

So I think that there must have been a (historical potentially) breach. I had a very quick trawl through a few dumps...

there are a few accounts with email address of englishforum@somedomain.whatever

Which is something that a few people (myself too at times) do to not reuse an email address. If I see an email address being spammed, I can trash that alias...

Not necessarily a englishforum.ch account, but potentially in the wider englishforum network.

Last edited by Spinal; 21.01.2019 at 19:10.
Reply With Quote
This user would like to thank Spinal for this useful post:
  #124  
Old 21.01.2019, 18:58
curley's Avatar
Forum Legend
 
Join Date: Oct 2006
Location: canton ZH
Posts: 13,132
Groaned at 218 Times in 182 Posts
Thanked 15,264 Times in 7,847 Posts
curley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
So I think that there must have been a (historical potentially) breach. I had a very quick trawl through a few dumps...

there are a few accounts with email address of englishforum@somedomain.whatever

Which is something that a few people (myself too at times) do to no reuse an email address. If I see an email address being spammed, I can trash that alias...

Not necessarily a englishforum.ch, but potentially in the wider englishforum network.
Read this twice. Didn't understand it.

Is it me only?
Reply With Quote
  #125  
Old 21.01.2019, 18:58
Banned
 
Join Date: Jan 2019
Location: close to the frontier
Posts: 1,018
Groaned at 140 Times in 85 Posts
Thanked 597 Times in 379 Posts
Clocker has become a little unpopular
Re: Englishforum security breach?

Quote:
View Post
You can find out yourself by going through each and every account on here.
That should keep you busy for a while. Let us know how many. And maybe how many with 5 posts too?
There are around 38'000 accounts on there. What happened to the 58'000 without any posts? Have they already gone?
Reply With Quote
  #126  
Old 21.01.2019, 19:03
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
There are around 38'000 accounts on there. What happened to the 58'000 without any posts? Have they already gone?
Only 3 people with a worse reputation than Omtatsat, I take the list as valid
Reply With Quote
The following 2 users would like to thank for this useful post:
  #127  
Old 21.01.2019, 19:13
Spinal's Avatar
Forum Veteran
 
Join Date: Dec 2016
Location: Zurich
Posts: 1,492
Groaned at 11 Times in 10 Posts
Thanked 1,481 Times in 647 Posts
Spinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond reputeSpinal has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
Read this twice. Didn't understand it.

Is it me only?
Let me try to clarify...

Let's pretent I own the domain greenpizza.com (I don't).

When signing up to sites, rather than use my main email (e.g. spinal@greenpizza.com) I'll use sitename@greenpizza.com (e.g. englishforum@greenpizza.com).

In the background, I'll have configured my mail server to redirect or forward all emails sent to an unknown address @greenpizza.com to my spinal@greenpizza.com address.

That way, each site uses a "unique" email address, as well as a unique password.

What I've done is to look at a few of these leaked dumps, and searched for englishforum* (i.e. anything starting with englishforum in the email address) - which returned a few hits.

M
Reply With Quote
  #128  
Old 21.01.2019, 19:14
roegner's Avatar
Moderately Dutch
 
Join Date: May 2011
Location: Zurich
Posts: 11,359
Groaned at 379 Times in 317 Posts
Thanked 14,627 Times in 6,761 Posts
roegner has a reputation beyond reputeroegner has a reputation beyond reputeroegner has a reputation beyond reputeroegner has a reputation beyond reputeroegner has a reputation beyond reputeroegner has a reputation beyond repute
Re: Englishforum security breach?

Quote:
Only 3 people with a worse reputation than Omtatsat, I take the list as valid
Really? Where did you find that? And why?
Reply With Quote
This user would like to thank roegner for this useful post:
  #129  
Old 21.01.2019, 19:22
curley's Avatar
Forum Legend
 
Join Date: Oct 2006
Location: canton ZH
Posts: 13,132
Groaned at 218 Times in 182 Posts
Thanked 15,264 Times in 7,847 Posts
curley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond reputecurley has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
Let's pretent I own the domain greenpizza.com (I don't).

When signing up to sites, rather than use my main email (e.g. spinal@greenpizza.com) I'll use sitename@greenpizza.com (e.g. englishforum@greenpizza.com).

In the background, I'll have configured my mail server to redirect or forward all emails sent to an unknown address @greenpizza.com to my spinal@greenpizza.com address.

That way, each site uses a "unique" email address, as well as a unique password.

M
Thanks, got it now.
I saw that system mentioned a few days ago and I might take it up actually.
Reply With Quote
  #130  
Old 21.01.2019, 20:57
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
I often type a reply quickly then go back and fix the grammar and spelling moments after. Apologies for that.

Do you have anything helpful to add to the discussion?



I think he already has
Reply With Quote
This user would like to thank for this useful post:
  #131  
Old 21.01.2019, 22:30
3Wishes's Avatar
Moderately Amused
 
Join Date: Jul 2010
Location: Bern area
Posts: 11,350
Groaned at 90 Times in 86 Posts
Thanked 19,665 Times in 8,701 Posts
3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute3Wishes has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
There are really 58'000 accounts with no posts? The forum can be read without even having an account. Why would 58'000 people create accounts but never post?

How many accounts are there with at least one post?!
Many, many users sign up and lurk. For years. A lot of people prefer to read, or send a PM for something in Marketplace. Not everyone wants to debate Brexit, Trump, brown sugar and flushing after 10 p.m.
Reply With Quote
This user would like to thank 3Wishes for this useful post:
  #132  
Old 23.01.2019, 12:17
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,082
Groaned at 484 Times in 403 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

so, still no action then??? seem the local are determined to get themselves into trouble.
Reply With Quote
This user would like to thank bigblue2 for this useful post:
  #133  
Old 23.01.2019, 12:24
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
Really? Where did you find that? And why?
Sorted the member list on reputation.
Reply With Quote
The following 2 users would like to thank for this useful post:
  #134  
Old 23.01.2019, 14:29
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
so, still no action then???
Just because you haven't seen it didn't mean nothing's been done. Several issues mentioned earlier have been implemented.

Quote:
View Post
seem the local are determined to get themselves into trouble.
What are you talking about?
Reply With Quote
  #135  
Old 23.01.2019, 14:52
aSwissInTheUS's Avatar
Forum Legend
 
Join Date: Nov 2007
Location: Zurich area
Posts: 12,778
Groaned at 99 Times in 88 Posts
Thanked 19,576 Times in 8,681 Posts
aSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond reputeaSwissInTheUS has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
Let's pretent I own the domain greenpizza.com (I don't).
The suggested example domain names which are guaranteed not used by an enterprise or private individual are example.com, example.org, and example.net

Note: Those are valid domains, which actually exists.
https://www.iana.org/domains/reserved
Reply With Quote
  #136  
Old 23.01.2019, 14:58
bigblue2's Avatar
Forum Legend
 
Join Date: Mar 2009
Location: Glarus
Posts: 8,082
Groaned at 484 Times in 403 Posts
Thanked 14,715 Times in 5,780 Posts
bigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond reputebigblue2 has a reputation beyond repute
Re: Englishforum security breach?

Quote:
What are you talking about?

not a single thing has been done about the actual breach, just some general house keeping.

what am I on about? - see previous links I posted up, they where breached, have been told about it, and so far taken no steps to actually rectify the situation, that can add up to some hefty fines.
Reply With Quote
This user would like to thank bigblue2 for this useful post:
  #137  
Old 23.01.2019, 16:22
nigelr's Avatar
Forum Veteran
 
Join Date: Apr 2009
Location: Aargau
Posts: 1,712
Groaned at 118 Times in 59 Posts
Thanked 2,140 Times in 942 Posts
nigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond repute
Re: Englishforum security breach?

Perhaps a simple statement saying what you've found out and what you have done would help. I'm not even sure there was a breach and I'm probably not alone ....
Reply With Quote
  #138  
Old 23.01.2019, 16:34
Guest
 
Posts: n/a
Re: Englishforum security breach?

Quote:
View Post
I'm not even sure there was a breach and I'm probably not alone ....
Given that several users state that they got approached around the same time with data/info which according to them only could have been retrieved from EF we are past the point of doubt.

And than we move on and expect info from EF, like do you know what was stolen and when?, what are you going to do to prevent this in future? When will users be informed (which should have happened already), will this be reported, and if not, why not?

Storing personal data comes with responsibilities and currently it feels more like that they think that if they put their fingers in their ears and shout LALALALALA that it will all just blow over, also imho ignoring the fact that this software is to be considered to be ancient and should tbh not be used anymore in 2019.
Reply With Quote
This user would like to thank for this useful post:
  #139  
Old 23.01.2019, 16:44
nigelr's Avatar
Forum Veteran
 
Join Date: Apr 2009
Location: Aargau
Posts: 1,712
Groaned at 118 Times in 59 Posts
Thanked 2,140 Times in 942 Posts
nigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond reputenigelr has a reputation beyond repute
Re: Englishforum security breach?

Quote:
Given that several users state that they got approached around the same time with data/info which according to them only could have been retrieved from EF we are past the point of doubt.

And than we move on and expect info from EF, like do you know what was stolen and when?, what are you going to do to prevent this in future? When will users be informed (which should have happened already), will this be reported, and if not, why not?

Storing personal data comes with responsibilities and currently it feels more like that they think that if they put their fingers in their ears and shout LALALALALA that it will all just blow over, also imho ignoring the fact that this software is to be considered to be ancient and should tbh not be used anymore in 2019.
I think you missed my point. I am not defending the EF, I am asking for clarification without jumping to conclusions.

Personally from what I've read I'm pretty sure there was a breach and that the relevant authorities still haven't been informed, and the users haven't been informed.

But I might be wrong, hence the question.
Reply With Quote
  #140  
Old 23.01.2019, 16:47
Belgianmum's Avatar
Roastbeef & Yorkshire mod
 
Join Date: Jan 2010
Location: Neuchâtel
Posts: 13,486
Groaned at 251 Times in 212 Posts
Thanked 22,669 Times in 9,257 Posts
Belgianmum has a reputation beyond reputeBelgianmum has a reputation beyond reputeBelgianmum has a reputation beyond reputeBelgianmum has a reputation beyond reputeBelgianmum has a reputation beyond reputeBelgianmum has a reputation beyond repute
Re: Englishforum security breach?

Quote:
View Post
I think you missed my point. I am not defending the EF, I am asking for clarification without jumping to conclusions.

Personally from what I've read I'm pretty sure there was a breach and that the relevant authorities still haven't been informed, and the users haven't been informed.

But I might be wrong, hence the question.
I got an email from the admin team. Have you not received one?
Reply With Quote
Reply

Tags
englishforum hack, password stolen, security breach, security password hack




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security breach: avoid buying online and using ATMs [Heartbleed Vulnerability] olygirl TV/internet/telephone 27 07.06.2014 16:10
A security breach happened at [fill in the blank aSwissInTheUS Daily life 1 21.05.2014 19:44
Major security breach at LinkedIn Castro TV/internet/telephone 13 07.06.2012 18:17
US issued card holders take note ( security breach issue ) jrspet International affairs/politics 1 31.03.2012 15:54
Guardian Jobs in UK - Security Breach transition International affairs/politics 0 26.10.2009 14:51


All times are GMT +2. The time now is 09:29.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.
LinkBacks Enabled by vBSEO 3.1.0