Security Breach - Page 4 - RPGWatch Forums
|
Your donations keep RPGWatch running!
RPGWatch Forums » General Forums » RPGWatch » Security Breach

Default Security Breach

January 18th, 2019, 01:42
Originally Posted by figment View Post
Also I thought self-salting systems like argon2, bcrypt or scrypt are current security hashing recommendations though bcrypt is no longer generally recommended but better than sha+salt. But again its not like my bank account info is stored here so not too worried either way.
Yeah, I think the biggest risk is to people that tend to use the same details across sites, if the hashing used was outdated, and could expose their usual combination. I've known some quite senior people who are simply so stressed in terms of mental bandwidth, that they make those kinds of errors, and get "hacked".
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#61

Join Date: Nov 2014
Posts: 8,354
Mentioned: 61 Post(s)

Default 

January 18th, 2019, 17:12
With some ISPs, mail from RPGWatch tends to end up in spam folders apparently. Especially Gmail is known to do this. It is kind of hard to respond to people complaining about not having received an e-mail, when they do not check their spam folder, as my response ends up there as well.

If you can't recall having ever received an e-mail from RPGWatch because of a PM you have received, the mails probably ended up in your spam folder.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is offline

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#62

Join Date: Aug 2006
Location: Netherlands
Posts: 9,069
Mentioned: 73 Post(s)

Default 

January 18th, 2019, 19:32
Myrthos,

Thanks for correcting the email address connected to my account.

Shaf
shaf is offline

shaf

Sentinel

#63

Join Date: Oct 2006
Location: Toronto, Ont. Canada
Posts: 257
Mentioned: 0 Post(s)

Default 

January 21st, 2019, 22:28
If you can't recall having ever received an e-mail from RPGWatch because of a PM you have received, the mails probably ended up in your spam folder.
Afirmative to this and I can assume many of those people have your spam file hidden like mine was. A simple google search found out how to show the spam folder.

Thanks you Myrthos for your patience and helping me get my status back.
--
The falcon cannot hear the falconer;
Things fall apart; the centre cannot hold;
Mere anarchy is loosed upon the world,
The Second Coming- William Butler Yeats
redman5427 is offline

redman5427

redman5427's Avatar
Keeper of the Watch

#64

Join Date: Oct 2006
Location: USA-Michigan
Posts: 1,341
Mentioned: 1 Post(s)

Default 

February 20th, 2019, 16:37
Someone uses an e-mail adress of mine which I used so long ago for registering here to distribute trojans.

The 2 copies I received sound as if the person distributing them is infected with Emotet or something similar : they sound quite sophisticated.

More about that there and below that : https://www.rpgwatch.com/forums/show…&postcount=347
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
Alrik Fassbauer is offline

Alrik Fassbauer

Alrik Fassbauer's Avatar
TL;DR
Original Sin 1 & 2 Donor

#65

Join Date: Nov 2006
Location: Old Europe
Posts: 18,639
Mentioned: 15 Post(s)

Default 

February 20th, 2019, 20:47
Spoofing the sender’s email address is not that difficult. Anyone can do it. Providers using DKIM is the only way I know off that would allow the mail to be flagged as SPAM as the email with the spoofed email address doesn’t have a valid key. Obviously this only works if both gmx (in your case) and the receiving party use DKIM.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is offline

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#66

Join Date: Aug 2006
Location: Netherlands
Posts: 9,069
Mentioned: 73 Post(s)

Default 

February 23rd, 2019, 16:39
Originally Posted by Myrthos View Post
With some ISPs, mail from RPGWatch tends to end up in spam folders apparently. Especially Gmail is known to do this. It is kind of hard to respond to people complaining about not having received an e-mail, when they do not check their spam folder, as my response ends up there as well.
It is weird - that every RPGWatch email ends up in SPAM … I say 'Not Spam' and the next one lands back there again … and again and again. Ugh. Given the general accuracy of Gmail for me and total responsiveness to when I say 'not spam' in EVERY other case, I'm not sure what it is about the RPGWatch header that gets the emails flagged?
--
-- Mike
txa1265 is offline

txa1265

txa1265's Avatar
SasqWatch
Moderator

#67

Join Date: Oct 2006
Location: Corning, NY USA
Posts: 14,081
Mentioned: 7 Post(s)

Default 

February 24th, 2019, 08:34
Might be data center. Would need to examine Google logs to see decision tree.

Originally Posted by txa1265 View Post
It is weird - that every RPGWatch email ends up in SPAM I say 'Not Spam' and the next one lands back there again and again and again. Ugh. Given the general accuracy of Gmail for me and total responsiveness to when I say 'not spam' in EVERY other case, I'm not sure what it is about the RPGWatch header that gets the emails flagged?
you is offline

you

Lazy_dog
RPGWatch Donor
Original Sin 2 Donor

#68

Join Date: Oct 2006
Location: usa - boston
Posts: 6,775
Mentioned: 42 Post(s)

Default 

February 24th, 2019, 12:07
I don’t know either what it is, I don’t use gmail.
The header should mention what contributed to the mail being flagged as spam, perhaps you can send me that information. It is usually a list of abbreviations and numbers.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is offline

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#69

Join Date: Aug 2006
Location: Netherlands
Posts: 9,069
Mentioned: 73 Post(s)

Default 

February 24th, 2019, 12:15
Is there any chance that when the site was hacked, they pwned the mail server and conducted some mischief with it?
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#70

Join Date: Nov 2014
Posts: 8,354
Mentioned: 61 Post(s)

Default 

February 24th, 2019, 20:03
Well, forum performance is still abysmally bad.

Darth Tagnan

Guest

#71

Posts: n/a
Mentioned: Post(s)

Default 

February 25th, 2019, 18:59
Originally Posted by Ripper View Post
Is there any chance that when the site was hacked, they pwned the mail server and conducted some mischief with it?
No, that didn't happen.
I received a google mail header and I can see that the mail passes SPF, DKIM and DMARC checks. So the Google mail server knows the mail is from a source that actually sent the mail. Yet, it still flags it as spam. It might be that RPGWatch is blacklisted by Google.
--
In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move. Douglas Adams
There are no facts, only interpretations. Nietzsche
Some cause happiness wherever they go; others whenever they go. Oscar Wilde
Myrthos is offline

Myrthos

Myrthos's Avatar
Cave Canem
Administrator
RPGWatch Team

#72

Join Date: Aug 2006
Location: Netherlands
Posts: 9,069
Mentioned: 73 Post(s)

Default 

February 26th, 2019, 02:32
Originally Posted by Darth Tagnan View Post
Well, forum performance is still abysmally bad.
It really is, ever since the server move back in late November. I've started visiting the site a lot less often than I used to because of how aggravatingly slow it is.
Stingray is offline

Stingray

SasqWatch
Original Sin 1 & 2 Donor

#73

Join Date: Sep 2007
Posts: 1,907
Mentioned: 4 Post(s)

Default 

February 26th, 2019, 13:42
Yeah, there's definitely been performance issues since the switch. Some page loads happen quite quickly, but others I click and wonder if it's going to time out.
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#74

Join Date: Nov 2014
Posts: 8,354
Mentioned: 61 Post(s)
+1:

Default 

February 26th, 2019, 23:56
I have multiple pages open. I refresh them all at once. By the time I get to the last one, the first one is ready to read.
--
It's not what you say - it is the way you say it.
Lovely 2 minute video: 'Change your words, change your world'
Eye is offline

Eye

Eye's Avatar
Eye Watch
Super Moderator

#75

Join Date: Aug 2015
Location: Europe
Posts: 1,920
Mentioned: 32 Post(s)

Default 

February 27th, 2019, 01:31
Originally Posted by Eye View Post
I have multiple pages open. I refresh them all at once. By the time I get to the last one, the first one is ready to read.
So it's you, hammering the server!
--
"Where can the horizon lie, when a nation hides its organic minds in a cellar, dark and grim? They must be very dim." David Bowie, All the Madmen (1970)
Ripper is offline

Ripper

Ripper's Avatar
Ngikufisela iwela

#76

Join Date: Nov 2014
Posts: 8,354
Mentioned: 61 Post(s)
+1:
RPGWatch Forums » General Forums » RPGWatch » Security Breach
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT +2. The time now is 04:59.
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2019, vBulletin Solutions Inc.
vBulletin Security provided by DragonByte Security (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging (Lite) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
Copyright by RPGWatch