Page 5 of 6
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:12 pm
by Thargoid
CheeseRedux wrote:(Except for the link in new tab thing. I still prefer that.)
On that one I completely agree with you (I hadn't noticed it until now).
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:26 pm
by JensAyton
Forcibly opening links in new tabs is a horrible, horrible habit, and I’m certainly not going to go out of my way to make it happen.
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:32 pm
by Commander McLane
Actually it wasn't tabs, but links used to be opened in a new
window.
At least for external links I find that sensible. If I for instance follow a link to some find on the web from some Outworld thread (like e.g. the one with the moon monolith), I prefer to get a new window. I can read it, possibly follow other links (which invariably happens if the external link was to tvtropes
), finally close the whole window and find myself back where it all began in the original window. I don't want to use the "page back" button umpty times in order to get back to the boards.
The same goes for links to the Elite Wiki. I like them to open in a separate window as an independent resource which I can consult alongside the thread, rather than having to go back and forward to and from the thread.
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:45 pm
by Cody
Commander McLane wrote:Actually it wasn't tabs, but links used to be opened in a new window.
That's what I thought CR meant, new window... this was very useful.
The 'open new windows in new tabs' thing is a browser preference.
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:47 pm
by JensAyton
Commander McLane wrote:At least for external links I find that sensible. If I for instance follow a link to some find on the web from some Outworld thread (like e.g. the one with the moon monolith), I prefer to get a new window. I can read it, possibly follow other links (which invariably happens if the external link was to tvtropes :oops: )
No-one’s saying you
can’t have a new tab/window. Every browser has commands and shortcuts to do it with any link. What most lack is an “open this right here” command for links which override normal behaviour.
Re: What's up with being Hacked?
Posted: Fri Jan 07, 2011 10:51 pm
by CheeseRedux
Commander McLane wrote:Actually it wasn't tabs, but links used to be opened in a new window.
This must be browser and/or OS related then, because for me (Opera/WinXP), links invariably opened in a fresh
tab.
Other than that, your reasonings (including, I'm afraid, the tvtropes bit) are in perfect accord with mine.
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 12:21 am
by Mauiby de Fug
Yep, I used to get new tabs, too, using Ubuntu/Chromium. I preferred that system with external links; with others I'm quite happy for it to remain in the same tab.
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 10:28 am
by Eric Walch
CheeseRedux wrote:Commander McLane wrote:Actually it wasn't tabs, but links used to be opened in a new window.
This must be browser and/or OS related then, because for me (Opera/WinXP), links invariably opened in a fresh
tab.
Other than that, your reasonings (including, I'm afraid, the tvtropes bit) are in perfect accord with mine.
I only know how it works with Safari. There you can set the preferences to open links in new pages or tabs.
And like Ahruman wrote, you can still open links in tabs with Safari by Cmd-clicking the link. (You can define this in preferences) I assume other browsers have similar options.
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 11:37 am
by Rxke
Warning?
The e-mail account that I use for all things Oolite got hacked yesterday.
And I know I've been a bad boy: that account had the same password as here (I have oodles of passwords, so it happens rarely, but it does
)
Sooooo.... Very probably the hackers got their hands on the passwords from this place, I have no other explanation (it was not a dictionary attack)
So it might be a good idea to change passwords?
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 11:41 am
by Zieman
Rxke wrote:Warning?
...
So it might be a good idea to change passwords?
Done.
Thanks for the heads up!
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 11:59 am
by Phantom Hoover
So wait, the passwords were stored in plaintext somewhere? Surely some mistake?
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 11:59 am
by Rxke
I'm not saying that, but it seems like a very creepy coincidence.
Might be just that, coincidence....
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 12:21 pm
by aegidian
Phantom Hoover wrote:So wait, the passwords were stored in plaintext somewhere? Surely some mistake?
No, the passwords are stored as MD5 hashes within the phpbb database. If they were to be acquired by a black hat gaining access to the board's MySQL database they could be decrypted (cracked) but even then the process takes time.
For best security, don't use the same password everywhere, and change your passwords regularly.
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 1:28 pm
by Phantom Hoover
So the reported password compromises cannot have been through a brute-force attack on the database?
Re: What's up with being Hacked?
Posted: Sat Jan 08, 2011 4:32 pm
by aegidian
As I understand it the databases are not stored on the same machine as the files that make up the site. It was the machine hosting those files that was hacked (hence the databases not being lost). A brute force attack would not work as the databases weren't directly exposed.
It is possible (although unlikely) that as a result of that hack the databases may have been made vulnerable if a cracker got to configuration files for this board and decrypted the MD5 password hash for database access (since changed, multiple times and securely), allowing that cracker to access and then to decrypt some of the MD5 password hashes.
If you use the same password for the board as you do for any other site associated with the email address you use here, then your access here and to those other sites may be at risk. Therefore we're advising you change your password here and to change any passwords that are the same as the one you use here.