Overclock.net › Forums › Industry News › Software News › [Various] Ubuntu forums hacked; 1.82M logins, email addresses stolen
New Posts  All Forums:Forum Nav:

[Various] Ubuntu forums hacked; 1.82M logins, email addresses stolen - Page 6

post #51 of 59
They're welcome to impersonate me on a multitude of other forums rolleyes.gif I won't go through the trouble of changing up my fairly simple set of passwords that I use for forums, only imprtant personally identifiable sites get the keepass treatmeant.
Heisenberg
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 4930k Asus RIV BE HIS HD7970x3 4x4GB Corsair 2133 
Hard DriveHard DriveHard DriveCooling
Samsung 840 Evo 500GB 2 Crucial m4 256gb raid 0 4TB Hitachi EK rivbe monoblock + ek 7970fc 
OSMonitorKeyboardPower
Windows 8.1 Pro 27" LED Cinema + 27" Auria 2560x1440 Mionix Zibal 60 Corsair ax1200i 
CaseMouseAudioAudio
Case Labs TH10 Mionix Naos 5000 Asus Xonar d2x Teac ha-501 amp & hd650/dt880 600 ohm cans 
  hide details  
Reply
Heisenberg
(16 items)
 
  
CPUMotherboardGraphicsRAM
Core i7 4930k Asus RIV BE HIS HD7970x3 4x4GB Corsair 2133 
Hard DriveHard DriveHard DriveCooling
Samsung 840 Evo 500GB 2 Crucial m4 256gb raid 0 4TB Hitachi EK rivbe monoblock + ek 7970fc 
OSMonitorKeyboardPower
Windows 8.1 Pro 27" LED Cinema + 27" Auria 2560x1440 Mionix Zibal 60 Corsair ax1200i 
CaseMouseAudioAudio
Case Labs TH10 Mionix Naos 5000 Asus Xonar d2x Teac ha-501 amp & hd650/dt880 600 ohm cans 
  hide details  
Reply
post #52 of 59
Quote:
Originally Posted by Stealth Pyros View Post

Ubuntu chose to use vBulletin wink.gif

A silly choice not because it is insecure, but because it's just plain bad! I have a licence for the full vB4 suite that I will never use because vBulletin is such a horrile kludge to configure, and even worse to style.
Quote:
Originally Posted by Scott1541 View Post

I used to use keepass but after a month or so it became a pain keeping the password database updated across several devices and multiple operating systems. Plus having to use ports on my phone and on Linux distros has equally annoying since they were quite inferior. Now I just use an algorithm that uses various things to create a password that's unique for the most part, not as secure as a generated password but a hell of a lot easier.
thumb.gif

You sound like you need LastPass.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #53 of 59
Quote:
Originally Posted by randomizer View Post

You sound like you need LastPass.

I used to use LastPass a couple of years ago but I stopped because I don't like my passwords all together sitting on a server somewhere where they can potentially be stolen. I know they would have to decrypt them and everything but I'd still rather not have them there in the first place.

I've actually decided to give KeePass another try now since I remembered last time I used it I had an iPhone, and my algorithm has a slight flaw anyway. If someone got hold of any 2 of my algorithm passwords they could probably figure out what's going on and guess the rest rolleyes.gif
     
CPUMotherboardGraphicsRAM
i5-4278U @ 2.6GHz Apple Logic Board Intel Iris 5100 8GB 1600MHz DDR3L 
Hard DriveOSOSMonitor
128GB SSD Mac OS X 10.11 El Capitan Windows 10 13" IPS @ 2560 x 1600 
KeyboardPowerCaseMouse
Apple British Keyboard 60W Magsafe 2 Apple Aluminium Unibody Apple Trackpad 
  hide details  
Reply
     
CPUMotherboardGraphicsRAM
i5-4278U @ 2.6GHz Apple Logic Board Intel Iris 5100 8GB 1600MHz DDR3L 
Hard DriveOSOSMonitor
128GB SSD Mac OS X 10.11 El Capitan Windows 10 13" IPS @ 2560 x 1600 
KeyboardPowerCaseMouse
Apple British Keyboard 60W Magsafe 2 Apple Aluminium Unibody Apple Trackpad 
  hide details  
Reply
post #54 of 59
Quite a few people use something like DropBox to keep their Keepass DB in sync across devices, but that would probably be just as concerning for you as using LastPass since you are doing much the same thing (local encryption and storage in a datacentre). There are a lot of people where I work who swear by Keepass.
Edited by randomizer - 8/5/13 at 4:52am
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #55 of 59
Well I believe the passwords could be recompiled, if they knew their password and could compare it to their account then who is to say they can't just reverse engineer the whole algorithym and simply decrypt them. But compiling enough data to crack it would take much time but is possible. They could have even stolen the decryption program when they stole the passwords.
post #56 of 59
Quote:
Originally Posted by Maelthras View Post

Well I believe the passwords could be recompiled, if they knew their password and could compare it to their account then who is to say they can't just reverse engineer the whole algorithym and simply decrypt them. But compiling enough data to crack it would take much time but is possible. They could have even stolen the decryption program when they stole the passwords.

There is nothing to reverse engineer because MD5 is already a publicly available algorithm. There is also nothing to decrypt since the data is not encrypted, but hashed. Decryption requires a key; hashing algorithms have no key and there is no practical way to reverse the output from the algorithm and retrieve the input. That is how they were designed. It's much faster to simply take a whole lot of inputs and try to compute the same output (that is preceisely how you are authenticated when you log in, except with just one input). Of course "much faster" is not fast.
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
i7 920 D0 MSI X58 Pro-E GTX 560 Ti 448 3x2GB G.Skill DDR3-1333 9-9-9-24 
Hard DriveHard DriveOptical DriveOS
840 Pro Caviar Black LG BD-ROM Windows 8.1 Pro x64 
MonitorMonitorKeyboardPower
Dell U2713HM Dell U2311H Turbo-Trak (Google it :D) Corsair HX-520 
CaseMouseMouse PadAudio
CM690 Mionix Avior 7000 Everglide Titan AKG K 242 HD 
  hide details  
Reply
post #57 of 59
Is it just me or these hack-ins are happening a lot now-a-days, at all the big sites?
Heat Masta
(7 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-6300 Gigabyte 970A-DS3P Asus AMD R7 260X OC Edition G.Skill RipjawsX  
Hard DriveOptical DriveOS
WD Caviar Blue LG Optical Drive Windows 10 64bit 
  hide details  
Reply
Heat Masta
(7 items)
 
  
CPUMotherboardGraphicsRAM
AMD FX-6300 Gigabyte 970A-DS3P Asus AMD R7 260X OC Edition G.Skill RipjawsX  
Hard DriveOptical DriveOS
WD Caviar Blue LG Optical Drive Windows 10 64bit 
  hide details  
Reply
post #58 of 59
Quote:
Originally Posted by Hsn786 View Post

Is it just me or these hack-ins are happening a lot now-a-days, at all the big sites?

I don't think they're happening that much, before this the last website hack that affected me was about a year ago. Relative to the size of facebook and other massive websites the Ubuntu forum isn't really that big. This could make these type of websites more desirable targets as they have a decent amount of members yet their security may not be as strong as the larger websites.

(As you may be able to tell I'm hardly a digital security expert tongue.gif )
     
CPUMotherboardGraphicsRAM
i5-4278U @ 2.6GHz Apple Logic Board Intel Iris 5100 8GB 1600MHz DDR3L 
Hard DriveOSOSMonitor
128GB SSD Mac OS X 10.11 El Capitan Windows 10 13" IPS @ 2560 x 1600 
KeyboardPowerCaseMouse
Apple British Keyboard 60W Magsafe 2 Apple Aluminium Unibody Apple Trackpad 
  hide details  
Reply
     
CPUMotherboardGraphicsRAM
i5-4278U @ 2.6GHz Apple Logic Board Intel Iris 5100 8GB 1600MHz DDR3L 
Hard DriveOSOSMonitor
128GB SSD Mac OS X 10.11 El Capitan Windows 10 13" IPS @ 2560 x 1600 
KeyboardPowerCaseMouse
Apple British Keyboard 60W Magsafe 2 Apple Aluminium Unibody Apple Trackpad 
  hide details  
Reply
post #59 of 59
Quote:
Originally Posted by Murlocke View Post

Anyone using Ubuntu probably is an advanced user and most won't use terrible passwords, or so i'd hope. If they do, hopefully they don't use the same password everywhere... if they do, then they were bound to be screwed sometime in their life. redface.gif
Eh, Ubuntu is the Windows/Mac of Linux. There are plenty of people (even on OCN) that brag how they set up their family members on Ubuntu because it's so easy.

That, and even some tech users are just... really really bad... at password hygiene.
Micro Dance
(8 items)
 
  
CPUMotherboardGraphicsRAM
i7-4790k z97i-plus EVGA GTX980 SC 16GB Team Xtreme 2400 
Hard DriveCoolingOSCase
512GB Samsung SSD 830 NH-L12 Windows 10 EVGA Hadron Air 
  hide details  
Reply
Micro Dance
(8 items)
 
  
CPUMotherboardGraphicsRAM
i7-4790k z97i-plus EVGA GTX980 SC 16GB Team Xtreme 2400 
Hard DriveCoolingOSCase
512GB Samsung SSD 830 NH-L12 Windows 10 EVGA Hadron Air 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Software News
Overclock.net › Forums › Industry News › Software News › [Various] Ubuntu forums hacked; 1.82M logins, email addresses stolen