Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 19, 2015 9:43:51 GMT -5
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 10:02:40 GMT -5
That information has been available for about a week. Before that it was only available on the dark web, as far as I know.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 10:33:40 GMT -5
doubtful, given that AM doesn't require verification on it's accounts. i could have registered under Virgil Sovereign and that would have been just ducky with them. i would be surprised if 3.7M adulterers were compromised. then again, maybe they really are stupid enough to give their actual names.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 11:14:19 GMT -5
So I heard about this today... haven't had the time to really read up on it. But why were they blackmailing AM? What was their point? I've heard it was because the site was bogus. User data wasn't verified. Many female accounts were faked, as were those of famous people. The site required a payment to delete your account, then wouldn't delete it when the requested amount was paid. In reality, who knows? It could have been just because they could.
|
|
bean29
Junior Associate
Joined: Dec 19, 2010 22:26:57 GMT -5
Posts: 9,947
|
Post by bean29 on Aug 19, 2015 11:59:43 GMT -5
So how does one look at the list? I wanna check if anyone I know is on it.
I tried googling it but just got articles about the release.
I'm gonna guess that all users were not smart enough to use a fake name, and can you use a fake name with your CC info? Doesn't that casue a security problem that causes it to kick out? Pretty sure it does b/c I have a hyphenated name and the billing name and the CC name have to match or I get security errors.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 12:02:42 GMT -5
So how does one look at the list? I wanna check if anyone I know is on it.
I tried googling it but just got articles about the release.
I'm gonna guess that all users were not smart enough to use a fake name, and can you use a fake name with your CC info? Doesn't that casue a security problem that causes it to kick out? Pretty sure it does b/c I have a hyphenated name and the billing name and the CC name have to match or I get security errors. there is nothing on the registration page that requires credit card information: www.ashleymadison.com/app/public/index.p?c=1&url_seeking=1
|
|
happyhoix
Distinguished Associate
Joined: Oct 7, 2011 7:22:42 GMT -5
Posts: 20,905
|
Post by happyhoix on Aug 19, 2015 12:29:53 GMT -5
Yesh. A website to assist people in cheating.
If you're going to behave like a jerk, do it in seedy bars with cheap women and feel crappy about it later. Don't pretend you're just participating in a fancier type of social media.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 12:31:31 GMT -5
Yesh. A website to assist people in cheating. If you're going to behave like a jerk, do it in seedy bars with cheap women and feel crappy about it later. Don't pretend you're just participating in a fancier type of social media. i think a lot of people just play footsie at sites like this. they are not serious about cheating, they just like the thrill of the idea.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 19, 2015 14:22:32 GMT -5
doubtful, given that AM doesn't require verification on it's accounts. i could have registered under Virgil Sovereign and that would have been just ducky with them. i would be surprised if 3.7M adulterers were compromised. then again, maybe they really are stupid enough to give their actual names. I think the worst would be e-mail addresses and names linked with CC numbers. Generally speaking, nobody would register with an e-mail address they didn't control, and nobody would have access to CC numbers, hence either one would be a "reliable enough" way to verify identity. I guess we'll have to wait and see. Apparently the Internet is furiously at work processing, cataloging, and sorting the data, and searchable databases are expected in short order. Let's just say that even if I used a dummy name, a dummy e-mail address, and didn't inadvertently include any information in my profile, e-mails, etc. that could be used to positively ID me, I'd still be very worried about what was in there.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 19, 2015 14:28:14 GMT -5
So I heard about this today... haven't had the time to really read up on it. But why were they blackmailing AM? What was their point? I've heard it was because the site was bogus. User data wasn't verified. Many female accounts were faked, as were those of famous people. The site required a payment to delete your account, then wouldn't delete it when the requested amount was paid. In reality, who knows? It could have been just because they could. They also claim the sister site, "Established Men", deals in human trafficking to obtain prostitutes for rich men. I think that generally they consider the people who operate the site to be scum.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 14:37:55 GMT -5
doubtful, given that AM doesn't require verification on it's accounts. i could have registered under Virgil Sovereign and that would have been just ducky with them. i would be surprised if 3.7M adulterers were compromised. then again, maybe they really are stupid enough to give their actual names. I think the worst would be e-mail addresses and names linked with CC numbers. Generally speaking, nobody would register with an e-mail address they didn't control, and nobody would have access to CC numbers, hence either one would be a "reliable enough" way to verify identity. I guess we'll have to wait and see. Apparently the Internet is furiously at work processing, cataloging, and sorting the data, and searchable databases are expected in short order. Let's just say that even if I used a dummy name, a dummy e-mail address, and didn't inadvertently include any information in my profile, e-mails, etc. that could be used to positively ID me, I'd still be very worried about what was in there. re: email- that is true, but the fact that you control it doesn't mean very much if they can't tie your name to it. for example, in the next ten minutes, i could take out djlungrot@gmail.com. now, sure, you could say that is me. but how do you prove it? moreover, how would anyone who knows me even KNOW that? i don't think there are ANY people in this world that would, but if so, i don't know who they are. i would be very worried, too- for the record. but i am not sure how "positive" any of this is going to be.
|
|
OldCoyote
Senior Associate
Joined: Dec 21, 2010 10:34:48 GMT -5
Posts: 13,449
|
Post by OldCoyote on Aug 19, 2015 15:03:50 GMT -5
I have seen it here many times, I have nothing to hide I don't care if the people in government know everything about me. Does that go for the hackers also? Yea, I'm waiting for the list of celebrities , politicians, CEO, and high powered government officials names start hitting the internet. Denial, that's a river in Egypt right?
|
|
OldCoyote
Senior Associate
Joined: Dec 21, 2010 10:34:48 GMT -5
Posts: 13,449
|
Post by OldCoyote on Aug 19, 2015 15:11:07 GMT -5
but i am not sure how "positive" any of this is going to be.What a great time to invest in law firms that specialize in divorces.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 19, 2015 15:14:22 GMT -5
I think the worst would be e-mail addresses and names linked with CC numbers. Generally speaking, nobody would register with an e-mail address they didn't control, and nobody would have access to CC numbers, hence either one would be a "reliable enough" way to verify identity. I guess we'll have to wait and see. Apparently the Internet is furiously at work processing, cataloging, and sorting the data, and searchable databases are expected in short order. Let's just say that even if I used a dummy name, a dummy e-mail address, and didn't inadvertently include any information in my profile, e-mails, etc. that could be used to positively ID me, I'd still be very worried about what was in there. re: email- that is true, but the fact that you control it doesn't mean very much if they can't tie your name to it. for example, in the next ten minutes, i could take out djlungrot@gmail.com. now, sure, you could say that is me. but how do you prove it? moreover, how would anyone who knows me even KNOW that? i don't think there are ANY people in this world that would, but if so, i don't know who they are. i would be very worried, too- for the record. but i am not sure how "positive" any of this is going to be. A lot will depend on how much data is associated with each profile. Just a ballpark, we have 9.7 GB compressed. Typical compression ratio for text is about 86% (data is compressed down to 14%), but to be conservative, let's suppose there are some images and other things in there and double that to 30%. Hence 32.5 GB uncompressed. For 37 million users, that's a little under 1 KB per account. Hence roughly 1,000 characters per. Depending on how many accounts are just hollow shells (i.e. name and e-mail only), the amount for real accounts goes up accordingly. The question is then what's in those 1,000 characters besides name, CC #, and e-mail address. Probably general information like city of residence, if not entire addresses. Professional titles. Places of work. Details on sexual preferences (something like "I want my wife to dress up like a fuzzy bunny, but she won't" could probably give somebody away pretty easily). Maybe details like "I'll be driving the black Lexus.", "I can't meet on Thursday since I'm picking my kids up at the arcade." Like you say, there's no guarantee any of it leads to a positive ID, but 1,000 characters is a lot of room for error. A lot of room to accidentally put in some damning detail.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 16:35:07 GMT -5
bean29, the file is, purportedly, close to 10 gigabytes. There's a download available HERE. I wouldn't guarantee anything, though. It could be a fake. Impact Team (the hackers who stole the data in the first place) claim Ashley Madison's legal team has served them with a DMCA takedown request forcing them to shut down an online service that allowed searching of the data. Of course, downloading from any unknown site is always a risk.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 16:41:03 GMT -5
re: email- that is true, but the fact that you control it doesn't mean very much if they can't tie your name to it. for example, in the next ten minutes, i could take out djlungrot@gmail.com. now, sure, you could say that is me. but how do you prove it? moreover, how would anyone who knows me even KNOW that? i don't think there are ANY people in this world that would, but if so, i don't know who they are. i would be very worried, too- for the record. but i am not sure how "positive" any of this is going to be. A lot will depend on how much data is associated with each profile. Just a ballpark, we have 9.7 GB compressed. Typical compression ratio for text is about 86% (data is compressed down to 14%), but to be conservative, let's suppose there are some images and other things in there and double that to 30%. Hence 32.5 GB uncompressed. For 37 million users, that's a little under 1 KB per account. Hence roughly 1,000 characters per. Depending on how many accounts are just hollow shells (i.e. name and e-mail only), the amount for real accounts goes up accordingly. The question is then what's in those 1,000 characters besides name, CC #, and e-mail address. Probably general information like city of residence, if not entire addresses. Professional titles. Places of work. Details on sexual preferences (something like "I want my wife to dress up like a fuzzy bunny, but she won't" could probably give somebody away pretty easily). Maybe details like "I'll be driving the black Lexus.", "I can't meet on Thursday since I'm picking my kids up at the arcade." Like you say, there's no guarantee any of it leads to a positive ID, but 1,000 characters is a lot of room for error. A lot of room to accidentally put in some damning detail. the link i provided above asks for height, weight, birthday, age, occupation. so, those are pretty much guaranteed to be part of the data. there is a fake or real name, an email address, and probably some information about what you are looking for, as well. Virgil- these places probably ask for pictures. how much data would a typical low resolution pic be?
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 19, 2015 16:42:46 GMT -5
but i am not sure how "positive" any of this is going to be.What a great time to invest in law firms that specialize in divorces. most of the articles have mentioned divorce law specifically.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 17:24:04 GMT -5
The information I'm getting indicates names, last 4 numbers of CC, addresses, & telephone numbers are made available. There may be more info. I don't know.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 19, 2015 17:24:07 GMT -5
A lot will depend on how much data is associated with each profile. Just a ballpark, we have 9.7 GB compressed. Typical compression ratio for text is about 86% (data is compressed down to 14%), but to be conservative, let's suppose there are some images and other things in there and double that to 30%. Hence 32.5 GB uncompressed. For 37 million users, that's a little under 1 KB per account. Hence roughly 1,000 characters per. Depending on how many accounts are just hollow shells (i.e. name and e-mail only), the amount for real accounts goes up accordingly. The question is then what's in those 1,000 characters besides name, CC #, and e-mail address. Probably general information like city of residence, if not entire addresses. Professional titles. Places of work. Details on sexual preferences (something like "I want my wife to dress up like a fuzzy bunny, but she won't" could probably give somebody away pretty easily). Maybe details like "I'll be driving the black Lexus.", "I can't meet on Thursday since I'm picking my kids up at the arcade." Like you say, there's no guarantee any of it leads to a positive ID, but 1,000 characters is a lot of room for error. A lot of room to accidentally put in some damning detail. the link i provided above asks for height, weight, birthday, age, occupation. so, those are pretty much guaranteed to be part of the data. there is a fake or real name, an email address, and probably some information about what you are looking for, as well. Virgil- these places probably ask for pictures. how much data would a typical low resolution pic be? If it was a thumbnail such as one of our avatars, anywhere from 8 to 30 KB. If it was a real pic, it would pretty much guarantee positive ID, though.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 17:33:45 GMT -5
I'm attempting the download now. I'll let you know if it works.
ETA: File appears empty. It contained a few Pups, but nothing horrible; however, the Pups seem to be all that was left. Files must have been removed.
|
|
Jaguar
Administrator
Fear does not stop death. It stops life.
Joined: Dec 20, 2011 6:07:45 GMT -5
Posts: 50,108
Mini-Profile Background: {"image":"https://cdn.nickpic.host/images/IZlZ65.jpg","color":""}
Mini-Profile Text Color: 290066
|
Post by Jaguar on Aug 19, 2015 19:40:31 GMT -5
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 19, 2015 20:09:54 GMT -5
It's important to remember Ashley Madison didn't verify their applicants. There's no doubt in my mind some of those accounts were made by trolls. The Duggar account may be one of them, or it may not. The data provided has been verified as an accurate from Ashley Madison; however, if Ashley Madison wasn't doing their due diligence the data gleaned isn't all that dependable. You'll have some good data and some bad data created by trolls.
|
|
alabamagal
Junior Associate
Joined: Dec 23, 2010 11:30:29 GMT -5
Posts: 8,120
|
Post by alabamagal on Aug 19, 2015 20:59:54 GMT -5
I'm sure a lot of the info cannot be easily tied to people in the real world. But I also saw that some of the user emails were .gov and .mil email addresses. I also saw an article in Atlanta paper that there were about 30 email addresses with Georgi government and municipal addresses. A lot of those are first name and last name. Pretty stupid to do that, and those should be worried.
|
|
whoisjohngalt
Junior Associate
Joined: Dec 18, 2010 14:12:07 GMT -5
Posts: 9,140
|
Post by whoisjohngalt on Aug 20, 2015 3:51:15 GMT -5
If anyone thinks they still have any ounce of privacy in this world......well.....
|
|
marvholly
Junior Associate
Joined: Dec 21, 2010 11:45:21 GMT -5
Posts: 6,540
|
Post by marvholly on Aug 20, 2015 5:37:40 GMT -5
IMHO these………..jerks (participants) got what they deserved.
Also, there are probably going to be near 37 million happy divorce lawyer.
|
|
bean29
Junior Associate
Joined: Dec 19, 2010 22:26:57 GMT -5
Posts: 9,947
|
Post by bean29 on Aug 20, 2015 6:18:53 GMT -5
bean29, the file is, purportedly, close to 10 gigabytes. There's a download available HERE. I wouldn't guarantee anything, though. It could be a fake. Impact Team (the hackers who stole the data in the first place) claim Ashley Madison's legal team has served them with a DMCA takedown request forcing them to shut down an online service that allowed searching of the data. Of course, downloading from any unknown site is always a risk. Yep, that is why I was hoping some helpful newspaper or other legit source would post it. The more I think about it the more curious I become. There was a huge brew-ha-ha here a year or so ago b/c Alex Molinari the CEO of Johnson Controls was having an affair with a contractor under his direction, I expect there will be a lot of juicy stuff like that. Not sure tracks were covered so well, people like that usually think they will never get caught.
|
|
NoNamePerson
Distinguished Associate
Is There Anybody OUT There?
Joined: Dec 17, 2010 17:03:17 GMT -5
Posts: 25,731
Location: WITNESS PROTECTION
|
Post by NoNamePerson on Aug 20, 2015 7:08:40 GMT -5
Yesh. A website to assist people in cheating. If you're going to behave like a jerk, do it in seedy bars with cheap women and feel crappy about it later. Don't pretend you're just participating in a fancier type of social media. I was never cheap
|
|
Tennesseer
Member Emeritus
Joined: Dec 20, 2010 21:58:42 GMT -5
Posts: 63,534
|
Post by Tennesseer on Aug 20, 2015 7:30:26 GMT -5
Yesh. A website to assist people in cheating. If you're going to behave like a jerk, do it in seedy bars with cheap women and feel crappy about it later. Don't pretend you're just participating in a fancier type of social media. I was never cheap Do it then in cheap bars with seedy women?
|
|
ArchietheDragon
Junior Associate
Joined: Jul 7, 2014 14:29:23 GMT -5
Posts: 6,354
|
Post by ArchietheDragon on Aug 20, 2015 7:52:33 GMT -5
What is the possibility that average joe cheater gets found out in this hack even if he used his real info? 37 million customers is a lot of info for a wife to search through.
|
|
NoNamePerson
Distinguished Associate
Is There Anybody OUT There?
Joined: Dec 17, 2010 17:03:17 GMT -5
Posts: 25,731
Location: WITNESS PROTECTION
|
Post by NoNamePerson on Aug 20, 2015 7:54:30 GMT -5
Wonder how many John Smiths there are on the site?
|
|