Subeta -

October 26, 2009 10:48 pm

<center><img src=http://subeta.net/images/security.gif></center>

It's that time again! Time for me to give you a few tips on keeping your internet life safe, and hack-free.

<ul>
<li> Don't use the same password on all the sites that you use! If you use windows, <a href=http://keepass.info/>KeePass</a> is a good application for keeping all of your passwords in one place (and locked with a master password!) so that you don't forget them. If you are using a mac, you can use the Keychain which comes with your mac (it's in applications/utilities) or <a href=http://agilewebsolutions.com/products/1Password>1Password</a> is what I personally use ;).
<li> Make sure that your e-mail password is different than any password you use on a site! If someone gets into your e-mail, they can use the 'lost password' functions on sites to get into any site that you play.
<li> It's a good idea to change your password monthly (or more often than that!).
</ul>

I know that it's a hassle changing passwords and trying to remember them, which is why I linked to software that can help with that (or you can use the Keychain that comes with your mac!). Really, it's worth it to not log into your favorite sites one day to see that everything has been taken.

December 31, 1969, 7:00 pm by

Lyliko, you aren't really helping. People will get more worried and the hackers more eager to keep doing what they are doing. Hackers like attention, that's why they show off like that. Of course they should delete everything related to it, if everybody starts to panic everything sure will get better, right?

And really, where people spend their money doesn't really concern anybody else, does it? How does buying stuff on other sites makes it illegal? Sorry if I'm missing something here :/

December 31, 1969, 7:00 pm by

Now Keith's insinuating this is my fault!! WHAT THE FUCK!?!

December 31, 1969, 7:00 pm by

: Shows lack of integrity. As a site owner it seems extremely bad to be illegally purchasing items from people on other sites.

December 31, 1969, 7:00 pm by

Because my computer's pretty well protected, I don't have to worry about my personal stuff... and if someone hacks my subeta account then it's just a game that got fried.

December 31, 1969, 7:00 pm by

Quote:

; border: 1px solid ; font-family: georgia; font-size: 10;">I know I've heard about Keith buying like 300 USD worth of items on Gaia on some site that also sells Neopet items.

... what does that have to do with this, exactly? :T

December 31, 1969, 7:00 pm by

Lyliko and IcabodCrane

If you don't trust the site, why are you still using it?

December 31, 1969, 7:00 pm by

Why would he NOT delete boards that pose a security risk you idiots?

December 31, 1969, 7:00 pm by

Why would someone go to the trouble of hacking all these accounts and wasting their day to spread this?

When they could probably get away with hacking if they were more discrete?

December 31, 1969, 7:00 pm by

What purpose do the hackers have by accessing and posting all these threads? Where there's smoke there's usually fire.

May not have sold ALL of the accounts but maybe a few for funds for the layout.

I know I've heard about Keith buying like 300 USD worth of items on Gaia on some site that also sells Neopet items.

December 31, 1969, 7:00 pm by

Duck, that still doesn't make me feel any better, especially with the other occurances I've stated.

December 31, 1969, 7:00 pm by

One reason why that post was deleted, as I read over it, is in the 'need more proof' part where it added in some codes, it revealed pws for 3 current users!!

There are such things as hackers, but there is nothing to be gained by selling pws to third parties, unless said third parties are hackers, but what would be gained in doing that for anyone? Every site out there that has members tells their customers to change their pws on a regular basis, avoid phishing scams and don't give your pw out to anyone at all ever. I have worked for places where the pws are coded and only ceratin people can obtain them, or send them to the 'customer' with the computer system, but they can't actually see them. Hackers can go into the code, if they know how, to find the pws, but it's very difficult and nothing can be gained by doing so for a site like this. All that happens is havoc, but no monitary gain comes from doing so.

If the owner of the site asks you to change your pw on a regular basis, he is telling you to keep yourself safe, just as any online site would, including, eBay, Verizon, any and ALL creditcard companies and banks. If you feel your pw is compromised, change it immediatly. Keith cannot 'fund' this site by selling our pws, to whom would he sell them to? And if he sold them to hackers, what would they be able to get from it? Fake money and gif pets and clothes? Please,people you need to stop thinking there's some big conspiracy going on here. I"ve been here for several years and have never had my account compromised- because I don't give out my pw and I change it often.

So calm down.

Thanks for the update.

December 31, 1969, 7:00 pm by

Well I'm with Lyl... my trust has been pretty compromised. I mean Aaron said Godlies would NEVER end up in the frag shop again, and then the DAY after I get my SSB it's in there for 10k crystals. Ontop of that... then there's a ton of hacks going about the site which has happened over and over again.

December 31, 1969, 7:00 pm by

I don't ask that you trust me, but we're a team and we all work on the security of the accounts. I'm not bothered if you think I'm a money hungry whore who would sell out all the users in the drop of a hat, but I can guarantee you that the rest of the team would be objective to that .

December 31, 1969, 7:00 pm by

Not to mention, they were posting false information, that not only undermines the security efforts that we have made (including having a firm look over our MySQL code to make sure that we are protected from injections) but it makes people question the safety of their accounts.

We are not selling user account information (if I was that hungry for money, I'd be putting ads all over the site )

December 31, 1969, 7:00 pm by

Didn't know about the multiple threads.

I still don't completely trust you, though, . For other reasons though. :I

December 31, 1969, 7:00 pm by

I'm still skeptical.. especially after todays occurances.

December 31, 1969, 7:00 pm by

Why... would we leave 40 threads that the person made on a hacked account. Why would we leave that, and not delete them (or, in reality, we moved them to the UA forums). It doesn't make any sense.

December 31, 1969, 7:00 pm by

Then why was the thread deleted and not locked? It makes it look suspicious.

December 31, 1969, 7:00 pm by

wait a minute--if we have PINS protecting all our areas: bank, vault, shop till, etc. what could anyone do if they did get our passwords? i thought that's what the PINS were all about.

so are we supposed to change our PINS as well as our passwords now? ish SO confussed

December 31, 1969, 7:00 pm by

No -- We're just posting this so that users are smart enough (this time) to change their password.

The hashes being posted are from JUNE, when the exploit happened. We've asked people to change their passwords multiple times since then.

December 31, 1969, 7:00 pm by

oh, mayor dramz!! sometimes it really seems as if the users were against keith (and staff)

December 31, 1969, 7:00 pm by

I'm still starting to wonder if the selling to third party access is true... it seems like if there was an SQL inject that allowed this, that they'd put it up right away, not wait until accounts start getting nuked.

December 31, 1969, 7:00 pm by

FexHex if you don't know, you have 32bit

December 31, 1969, 7:00 pm by

Someone posted a thread saying Keith sold user accounts and passwords to someone and he said it was for funds towards a new site layout. Then the thread suddenly vanishes like it never existed and then the news announcement. :I

This is fishy as fuck.

December 31, 1969, 7:00 pm by

I always get hacked occasionaly by a certain person bt now NO MORE!!! thanksXS TO SUBETA ^^

December 31, 1969, 7:00 pm by

prefs/password http://www.subeta.net/preferences.php?act=password

December 31, 1969, 7:00 pm by

Ack! Do you have any idea how many usernames and passwords I have to remember every day? No complaining anybody! I love how Subeta reminds us every now and then, because I'm always forgetting about security on my game sites.

December 31, 1969, 7:00 pm by

I'm really scared right now.

I just changed my pass, I hope it'll be okay.

December 31, 1969, 7:00 pm by

keith--can you please put a link in your post to where we change our passwords? some of us can`t find it in the new format. it's not under preferences anymore.

December 31, 1969, 7:00 pm by

This still seems real shadey to me...

December 31, 1969, 7:00 pm by

Seriously? Right after someone posts that Keith sells out the accounts?

December 31, 1969, 7:00 pm by

Weird posts here, what's happening? I'll change again just to be safe. Actually, can we really be safe? Seeing all that information popping here is really really weird and scary.

December 31, 1969, 7:00 pm by

FexHex, its a cookie grabber. Youre an idiot for clicking it.

KELLLLLLLLY CLARKSOOOOOOON!

December 31, 1969, 7:00 pm by

Another reason to love Mac.

...And Keith ofcourse.

December 31, 1969, 7:00 pm by

Yet another reason why I love Subeta.

December 31, 1969, 7:00 pm by

ok, i know i'm pretty pc-illiterate, but i can usually download a program with no problem. but when i went to download this one, it asks me which windows platform i have: 32-bit or 64-bit. huh???

if this is required information to download, can't they at least tell me where to find it?? anyone?

December 31, 1969, 7:00 pm by

Mogel, Cyde, Jakey, Longcat? WHAT A WALK DOWN MEMORY LANE

December 31, 1969, 7:00 pm by

OMG, what is going on ?!

-changes-

December 31, 1969, 7:00 pm by

I changed my password and then I couldn't log in for over a half hour. The forget password wasn't working at first, but now it is. Finally got back into my account.

December 31, 1969, 7:00 pm by

-changes pw-

December 31, 1969, 7:00 pm by

SecuriKumos says: INTERWEBZ SAF-T BOYS AND GURLS.

@--(--

December 31, 1969, 7:00 pm by

Oh, I see. I should have figured as much.

I have a short memory apparently.

x.x

December 31, 1969, 7:00 pm by

OH how fun.

I use diff passwords so safe.

just to be sure...

/changes

December 31, 1969, 7:00 pm by

Private email server ftw

December 31, 1969, 7:00 pm by

"Really, it's worth it to not log into your favorite sites one day to see that everything has been taken. "

Yeah, considering Ive done that to 30+ so far

December 31, 1969, 7:00 pm by

I keep wondering why after every one of these little problems, somehow a few days or weeks later a meticulous list of passes ends up on a site and it ends up ultimately in this happening. I browse the little pet-site forums and it always sends to pop back up. Is the security really that bad?

December 31, 1969, 7:00 pm by

ALSO, the version of Norton I got with my computer, had a internet toolbar that keeps the passwords saved with a master PW too.

December 31, 1969, 7:00 pm by

Those boards are just someone being stupid. Keith posts this type of news post like... once a month or once every couple of months? I don't remember well, but he does it pretty regularly, just to remind people about internet security. :3

December 31, 1969, 7:00 pm by

Thanks for the concern. -goes to change pass-

December 31, 1969, 7:00 pm by

How does this relate to those weird boards popping up everywhere (if at all)?

I think I noticed those on the tail end, so please don't shoot me if I'm treading into deep water here.

Use @username to mention someone. Supports markdown formatting.

Logged Out

Leave a Comment