Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 8:29:31 GMT -5
What is the possibility that average joe cheater gets found out in this hack even if he used his real info? 37 million customers is a lot of info for a wife to search through. It depends on how much work the Internetz puts into compiling the data into searchable form. I have to believe that sometime soon somebody will recompile the full back into a records database, after which searching it becomes trivial. You could have a search system similar to Proboards' set up in a matter of days. Search for names, addresses, keywords, combinations of words, e-mail addresses, etc. in a matter of seconds and any hit would bring up the full set of data associated with any hits. I'll also bet you that the average AM user doesn't use his real name but does use his "regular" throwaway e-mail account. Managing more than one throwaway e-mail account is a pain in the neck, and people generally have at least one routine throwaway account to collect spam, etc. I know what my wife's throwaway account is, and she knows what mine is. I'm guessing it's fairly common.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 20, 2015 11:02:39 GMT -5
What is the possibility that average joe cheater gets found out in this hack even if he used his real info? 37 million customers is a lot of info for a wife to search through. It depends on how much work the Internetz puts into compiling the data into searchable form. I have to believe that sometime soon somebody will recompile the full back into a records database, after which searching it becomes trivial. You could have a search system similar to Proboards' set up in a matter of days. Search for names, addresses, keywords, combinations of words, e-mail addresses, etc. in a matter of seconds and any hit would bring up the full set of data associated with any hits. I'll also bet you that the average AM user doesn't use his real name but does use his "regular" throwaway e-mail account. Managing more than one throwaway e-mail account is a pain in the neck, and people generally have at least one routine throwaway account to collect spam, etc. I know what my wife's throwaway account is, and she knows what mine is. I'm guessing it's fairly common. It's already been done, Virgil, but the site has been taken down. It's probably available in a searchable form on the dark net but I ain't goin' in there after it. It's not worth the trouble, to me.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 20, 2015 11:04:33 GMT -5
What is the possibility that average joe cheater gets found out in this hack even if he used his real info? 37 million customers is a lot of info for a wife to search through. Several websites have already popped up that make the data easily searchable. Trustify lets you search the email addresses right now. I'd been told there was a site where you could search by email addy. Thanks, Dark! By the way, hug the wife and kids for me! I miss her posts, dern it!
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 11:07:26 GMT -5
It depends on how much work the Internetz puts into compiling the data into searchable form. I have to believe that sometime soon somebody will recompile the full back into a records database, after which searching it becomes trivial. You could have a search system similar to Proboards' set up in a matter of days. Search for names, addresses, keywords, combinations of words, e-mail addresses, etc. in a matter of seconds and any hit would bring up the full set of data associated with any hits. I'll also bet you that the average AM user doesn't use his real name but does use his "regular" throwaway e-mail account. Managing more than one throwaway e-mail account is a pain in the neck, and people generally have at least one routine throwaway account to collect spam, etc. I know what my wife's throwaway account is, and she knows what mine is. I'm guessing it's fairly common. It's already been done, Virgil, but the site has been taken down. It's probably available in a searchable form on the dark net but I ain't goin' in there after it. It's not worth the trouble, to me. Give it a few hours and it will be popping up like daisies. Ah, the Internet. Where privacy goes to die.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 20, 2015 11:11:38 GMT -5
It's already been done, Virgil, but the site has been taken down. It's probably available in a searchable form on the dark net but I ain't goin' in there after it. It's not worth the trouble, to me. Give it a few hours and it will be popping up like daisies. Ah, the Internet. Where privacy goes to die. LOL! Yep, I'm sure that's true. I was looking for it last night because bean29 had asked about it. For myself, it's really of no importance.
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 20, 2015 11:16:51 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time.
|
|
bean29
Junior Associate
Joined: Dec 19, 2010 22:26:57 GMT -5
Posts: 9,947
Member is Online
|
Post by bean29 on Aug 20, 2015 11:20:47 GMT -5
I thought trustify would only verify if your name was in the , and they verified you were who you say you are by sending a verification e-mail before they give you info.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 11:37:33 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Is there any embarrassing data out there linked to your e-mail addresses? Aside from this board of course.
|
|
swamp
Community Leader
Don't be a fool. Call me!
Joined: Dec 19, 2010 16:03:22 GMT -5
Posts: 45,335
|
Post by swamp on Aug 20, 2015 11:43:00 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Not all of us. I find my one night stands the old fashioned way, in a bar. I don't need no online service to do it for me.
|
|
mmhmm
Administrator
It's a great pity the right of free speech isn't based on the obligation to say something sensible.
Joined: Dec 25, 2010 18:13:34 GMT -5
Posts: 31,770
Today's Mood: Saddened by Events
Location: Memory Lane
Favorite Drink: Water
|
Post by mmhmm on Aug 20, 2015 11:45:31 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Is there any embarrassing data out there linked to your e-mail addresses? Aside from this board of course. I'd be willing to bet there are plenty of people on that list who never darkened the door of Ashley Madison or the sister site. Someone who didn't like them (or, thought it would be funny) used their email address to "sign them up." Since neither site vetted the data they were given, all bets are off as to whether a person on the list is actually a user of the service.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 11:56:02 GMT -5
Is there any embarrassing data out there linked to your e-mail addresses? Aside from this board of course. I'd be willing to bet there are plenty of people on that list who never darkened the door of Ashley Madison or the sister site. Someone who didn't like them (or, thought it would be funny) used their email address to "sign them up." Since neither site vetted the data they were given, all bets are off as to whether a person on the list is actually a user of the service. Yes, generally. No, if their CC digits, address, vitals, and personal details are all in there. As I pointed out to DJ earlier, there's an average of 1 K of data associated with each account. No way your average malcontent goes to a presumably secure website, creates a dummy account that will presumably never be seen, and takes the time to populate it with correct details. Gag accounts for celebrities, maybe, but not average joes.
|
|
fairlycrazy23
Senior Member
Joined: Dec 27, 2010 23:55:19 GMT -5
Posts: 3,306
|
Post by fairlycrazy23 on Aug 20, 2015 11:56:38 GMT -5
I know there is transaction history going back to 2009 for some accounts, so I suspect that many accounts have much more than 1000 bytes of data, and other have less.
Why the transaction data wasn't encrypted I don't know
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 12:00:21 GMT -5
I know there is transaction history going back to 2009 for some accounts, so I suspect that many accounts have much more than 1000 bytes of data, and other have less. Why the transaction data wasn't encrypted I don't know It's on a secure server that has to be capable of decrypting it to access the data. If the server is compromised, that's all she wrote. There's no point of encrypting it.
|
|
NoNamePerson
Distinguished Associate
Is There Anybody OUT There?
Joined: Dec 17, 2010 17:03:17 GMT -5
Posts: 25,731
Location: WITNESS PROTECTION
|
Post by NoNamePerson on Aug 20, 2015 12:00:35 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Not all of us. I find my one night stands the old fashioned way, in a bar. I don't need no online service to do it for me. Is that a seedy bar or are you a seedy lady ETA: Just referenced post 28 and 29
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 20, 2015 12:34:51 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Is there any embarrassing data out there linked to your e-mail addresses? Aside from this board of course. i was actually thinking of this board when i said that. but it has nothing to do with "embarrassing", just "data".
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 20, 2015 12:35:43 GMT -5
it is, however, "interesting", in the sense that it could happen to any one of us at any time. Not all of us. I find my one night stands the old fashioned way, in a bar. I don't need no online service to do it for me. to be clear, my point had nothing to do with Ashley Madison, on line dating, etc.
|
|
Artemis Windsong
Senior Associate
The love in me salutes the love in you. M. Williamson
Joined: Dec 18, 2010 19:32:12 GMT -5
Posts: 12,319
Today's Mood: Twinkling
Location: Wishing Star
Favorite Drink: Fresh, clean cold bottled water.
|
Post by Artemis Windsong on Aug 20, 2015 13:03:09 GMT -5
There is also an entire segment of the population saying, Hey I didn't know about this. Why? My thought is a cess pool of STD's web site. Where's the "fun" in that.
|
|
Tennesseer
Member Emeritus
Joined: Dec 20, 2010 21:58:42 GMT -5
Posts: 63,535
|
Post by Tennesseer on Aug 20, 2015 16:18:49 GMT -5
|
|
Robert not Bobby
Well-Known Member
Joined: Jan 29, 2013 17:45:55 GMT -5
Posts: 1,392
|
Post by Robert not Bobby on Aug 20, 2015 16:40:49 GMT -5
Why would anyone put their work email and real names...they are
That family always creeped me out. You don't have kids to be the mother of your kids....Uh?
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 20, 2015 17:12:49 GMT -5
LOL! this family!!!! HAHAHAHAHAHA wow.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 17:36:05 GMT -5
LOL! this family!!!! HAHAHAHAHAHA wow. I have to admit. Remember, though. This is just the one son. None of the other... 20... whatever family members have ever been implicated in anything. This time next year he'll have also apologized for his account on "funwithgoats.com", his indictment for peeping in neighbours' windows, his meth addiction, ...
|
|
djAdvocate
Member Emeritus
only posting when the mood strikes me.
Joined: Jun 21, 2011 12:33:54 GMT -5
Posts: 75,165
Mini-Profile Background: {"image":"","color":"000307"}
|
Post by djAdvocate on Aug 20, 2015 17:43:49 GMT -5
LOL! this family!!!! HAHAHAHAHAHA wow. I have to admit. Remember, though. This is just the one son. None of the other... 20... whatever family members have ever been implicated in anything. This time next year he'll have also apologized for his account on "funwithgoats.com", his indictment for peeping in neighbours' windows, his meth addiction, ... dude is a mess. for sure.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 18:12:29 GMT -5
|
|
Deleted
Joined: May 8, 2024 10:13:18 GMT -5
Posts: 0
|
Post by Deleted on Aug 20, 2015 18:58:26 GMT -5
LOL! this family!!!! HAHAHAHAHAHA wow. I have to admit. Remember, though. This is just the one son. None of the other... 20... whatever family members have ever been implicated in anything.This time next year he'll have also apologized for his account on "funwithgoats.com", his indictment for peeping in neighbours' windows, his meth addiction, ... You left out a word. That word is "yet"... and it goes at the end of what I bolded.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 19:10:35 GMT -5
I have to admit. Remember, though. This is just the one son. None of the other... 20... whatever family members have ever been implicated in anything.This time next year he'll have also apologized for his account on "funwithgoats.com", his indictment for peeping in neighbours' windows, his meth addiction, ... You left out a word. That word is "yet"... and it goes at the end of what I bolded. Why? Are you as gung ho to jump aboard the "let's fantasize about how rotten and miserable the Duggars are" train as the YM crowd?
|
|
fairlycrazy23
Senior Member
Joined: Dec 27, 2010 23:55:19 GMT -5
Posts: 3,306
|
Post by fairlycrazy23 on Aug 20, 2015 19:31:35 GMT -5
I know there is transaction history going back to 2009 for some accounts, so I suspect that many accounts have much more than 1000 bytes of data, and other have less. Why the transaction data wasn't encrypted I don't know It's on a secure server that has to be capable of decrypting it to access the data. If the server is compromised, that's all she wrote. There's no point of encrypting it. The key to decrypting the data doesn't have to (shouldn't) reside on the same server.
|
|
Deleted
Joined: May 8, 2024 10:13:18 GMT -5
Posts: 0
|
Post by Deleted on Aug 20, 2015 19:39:09 GMT -5
You left out a word. That word is "yet"... and it goes at the end of what I bolded. Why? Are you as gung ho to jump aboard the "let's fantasize about how rotten and miserable the Duggars are" train as the YM crowd? It's not anything I fantasize about... no. BUT... First Point: If only 1 in 10 (and I think I'm being generous with that guesstimate) people are "bad in some way or another, even if they never get caught"... there are 21 people in that family. So that makes 2.1 out of 21... which is more than JUST Josh, by default. Second Point: Cults usually churn out people with social problems at a higher rate than "standard average, without taking into account any mitigating factors what-so-ever". That "Quiverfull Movement" is a cult, increasing the odds to probably closer to 1 in 4 or 1 in 5. Third Point: Every one of them is human. Humans are not perfect.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 19:56:06 GMT -5
It's on a secure server that has to be capable of decrypting it to access the data. If the server is compromised, that's all she wrote. There's no point of encrypting it. The key to decrypting the data doesn't have to (shouldn't) reside on the same server. True, but if data on the server has to be routinely accessed and hackers have root access, they can easily watch (and presumably emulate) any requests to other resources needed to decrypt data. It's the same as if you had your hard drive encrypted but I had a camera secretly recording your every action. You can have 20 layers of encryption and keys stored nowhere else except your brain if you like, but the minute you access your data, presuming the access method isn't time-sensitive, I know precisely what I need to do to get your data. Generally speaking, any system that has to be able to dispatch data on demand, at random, to a non-privileged user is going to have at least one such point of vulnerability. Ultimately there has to be one point of contact with the client machine that returns a fully assembled, decrypted, ready-to-read record on demand. If such a node is compromised, then the very least a hacker can do is serially pull down records by faking user requests for data. It's one of the reasons many data security companies actually have "intrusion detection" software/firmware that attempts to detect unusual server activity such as serial record access. AM evidently didn't have these protections.
|
|
Virgil Showlion
Distinguished Associate
Moderator
[b]leones potest resistere[/b]
Joined: Dec 20, 2010 15:19:33 GMT -5
Posts: 27,448
|
Post by Virgil Showlion on Aug 20, 2015 20:06:56 GMT -5
Why? Are you as gung ho to jump aboard the "let's fantasize about how rotten and miserable the Duggars are" train as the YM crowd? It's not anything I fantasize about... no. BUT... First Point: If only 1 in 10 (and I think I'm being generous with that guesstimate) people are "bad in some way or another, even if they never get caught"... there are 21 people in that family. So that makes 2.1 out of 21... which is more than JUST Josh, by default. Second Point: Cults usually churn out people with social problems at a higher rate than "standard average, without taking into account any mitigating factors what-so-ever". That "Quiverfull Movement" is a cult, increasing the odds to probably closer to 1 in 4 or 1 in 5. Third Point: Every one of them is human. Humans are not perfect. That's actually not a bad argument. An appeal to random chance. As for "Humans are not perfect.", you definitely don't have to be "perfect" to avoid cheating on your wife.
|
|
fairlycrazy23
Senior Member
Joined: Dec 27, 2010 23:55:19 GMT -5
Posts: 3,306
|
Post by fairlycrazy23 on Aug 20, 2015 20:23:38 GMT -5
Hackers 'the Impact Team' posted another huge tranche - amounting to 20GB of files - on the same dark web
|
|