I have been hearing more and more recently of people's guild wars accounts being hacked into... Several guild mates and friends of mine have lost everything in the last few months but acutally what really gets me isn't the theft its the nastiness that goes with it.
For example a friend of mine was collecting every warrior armor in game for her hom. After removing all items and armor from all the other characters on the account they chose to delete one - the warrior.... it makes me question whether these people are angry at those who have worked to be rich or something XD
Ok ranting aside i know there have been lots of calls for a character locks, where they can't be deleted but i think i have a far more simple soultion: Guild wars should pompt us, every 30 days on log in, to change our passwords - the sheer effort of having to log into playncmaster account every few weeks for those that are changing their passwords frequently would be removed and it would help to block the hackers who are simply "getting luckly" and guessing the right combanations - it would also give the chance to those less clued up on hacking etc to do something proactive. As for keyloggers etc, this obviously wouldnt work as well, but then i am under the impression that you have to download one in order to get hacked by one - thus less of a problem for people more aware of the internet's perils?
A simple anti-hack solution?
Ku Ku
jackers1234
yea, a limited time set on passwords would make sense, however, it may prove rather difficult to implement in a game with millions of players.
Also, the number of people who genuinely get hacked without the help of a 3rd party program is very small. Most people who are hacked get hacked because they downloaded some form of 3rd party add-on for GW, (i.e bot programs etc). This will mean it is quite low on ANet's list of things to do.
Also, the number of people who genuinely get hacked without the help of a 3rd party program is very small. Most people who are hacked get hacked because they downloaded some form of 3rd party add-on for GW, (i.e bot programs etc). This will mean it is quite low on ANet's list of things to do.
Darkhell153
Gw should have a computer ID tracking system. That way if you report your account to be hacked, provide account name with password, and it finally gets through the mail; then arenanet can possibly log the hacker's computer ID and ban them from the server or report them for hacking.
But all in all, it's just like jackers said. Most hacking comes from idiots downloading third party software.
But all in all, it's just like jackers said. Most hacking comes from idiots downloading third party software.
Sleeper Service
Quote:
|
Originally Posted by Ku Ku
I have been hearing more and more recently of people's guild wars accounts being hacked into... Several guild mates and friends of mine have lost everything in the last few months but acutally what really gets me isn't the theft its the nastiness that goes with it.
For example a friend of mine was collecting every warrior armor in game for her hom. After removing all items and armor from all the other characters on the account they chose to delete one - the warrior.... it makes me question whether these people are angry at those who have worked to be rich or something XD Ok ranting aside i know there have been lots of calls for a character locks, where they can't be deleted but i think i have a far more simple soultion: Guild wars should pompt us, every 30 days on log in, to change our passwords - the sheer effort of having to log into playncmaster account every few weeks for those that are changing their passwords frequently would be removed and it would help to block the hackers who are simply "getting luckly" and guessing the right combanations - it would also give the chance to those less clued up on hacking etc to do something proactive. As for keyloggers etc, this obviously wouldnt work as well, but then i am under the impression that you have to download one in order to get hacked by one - thus less of a problem for people more aware of the internet's perils? |
NO. frequent password changes = MORE risk unless they are randomly generated by Anet themselves (and that is just no good, this is not the Pentagon).
edit: Character locks / timed "fadeout" like in EvE is the simple solution.
Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that get what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements.
/unsigned.
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku).
2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that get what they deserve.
3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it?
In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements.
/unsigned.
Ctb
Quote:
| NO. frequent password changes = MORE risk unless they are randomly generated by Anet themselves (and that is just no good, this is not the Pentagon). |
If you force people to change their password all the time, ESPECIALLY if you also institute complexity rules like a lot of businesses do, you'll just irritate people into picking easy passwords because they'll get fed up with always having to stop and think of something new.
Passwords should be encouraged to be strong from the start so there's no NEED to change them.
Also, this needs to be merged with the dupe.
Ku Ku
Quote:
|
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku). 2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that get what they deserve. 3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it? In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements. /unsigned. |
Ctb
Quote:
|
Originally Posted by Ku Ku
There is a 4) to this however as the example of the friend i used above had a number, letter, punctuation combo, downloaded nothing and kept the p/w to herself as has two more people i know of. I'm talking of the hackers that get hold of a email address and sit for hours randomly generating password guesses.
|
Short of pure, stupid luck on the part of the attacker, a sufficiently long and complex password will take years, decades, centuries, even potentially millenia to crack at current PC speeds.
If she lost her account even with a strong password, she very likely did have some sort of malware executing a "man-in-the-middle" attack that saw the password pass unencrypted. With the continued insecurity of Windows and the frequency of attacks made against Windows software (not just Microsoft - all sorts of applications can be exploited), it's entirely possible she was subject to an attack she didn't notice and didn't explicitly bring on herself. Even just viewing a compromised flash ad on a legitimate website can be enough if the right combination of software and patch levels is present on a machine.
Meat Axe
Quote:
|
Originally Posted by Ctb
If the password is strong, "hours" is not the right timeframe for a dictionary attack: centuries is.
Short of pure, stupid luck on the part of the attacker, a sufficiently long and complex password will take years, decades, centuries, even potentially millenia to crack at current PC speeds. |
The Way Out
Quote:
|
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku). 2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that get what they deserve. 3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it? In short, it's quite easy to avoid being hacked. I definitely don't want ANet (actually NCSoft, which is much worse) interfering with my security arrangements. /unsigned. |
http://www.pcworld.com/article/id,14...s/article.html
Is an article talking about LoTR. Hope this sheds a little light into how this sometimes happens even if you didn't give out your info or download things you shouldn't.
Numa Pompilius
Quote:
|
Originally Posted by Ku Ku
I'm talking of the hackers that get hold of a email address and sit for hours randomly generating password guesses.
|
Quote:
|
Originally Posted by The Way Out
People are logging into sites and signing into site
|
* OK, I should clarify that. OK, yes, it can happen, if you use a common password, or any password likely to be in a dictionary, like, say, "banana" or a variant like "b4n4n4". If you have a mixed-case 9 letter or longer pw with digits and punctiation, however, you're highly unlikely to ever get brute-forced. At one attempt per second they'll be spending months trying to get in, and exponentially longer the longer the pw. There are plenty of guides on the net to how to create secure nonsense passwords which are still easy to remember; if you're worried about getting hacked, follow the advice of one of those guides.
The Way Out
Quote:
|
Originally Posted by Numa Pompilius
Forget it. Doesn't happen.
Not with Guildwars, though. Unless you use the same password everywhere. Which is point 3). |
Once someone has your account and gets in, they normally leave the guild they are in, and join a new guild. One of the first things a hacker does in GW is ask for everyone's MSN account (lol) and they also start asking about prices. Some even start giving away free things that normal player wouldn't, saying that they are quitting GW or never playing again.
I, so far, have had three people in my guild get hacked. I try to caution everyone I play with to be careful of certain things. I give suggestions about what to avoid.
Passwords are irrelevant when it comes to most things. Attack at the weakest link. If I redirected people that connect to this site, I bet I would have about a hundred accounts in a matter of days. My only advice is to be careful. However, even then bad things happen. You can't always blame people for things that are out of their control.
Numa Pompilius
Quote:
|
Originally Posted by The Way Out
If I have your MSN account I can do it.
|
The Way Out
Quote:
|
Originally Posted by Numa Pompilius
Huh? You can hack my Guildwars account if you have my MSN account?
|
I should start a thread on dumb things people do that hurt them in the end...
Example... when you forget your password or want to change it... you ask anet or any other company to send you an email so you can "reset" your password. Most people don't delete the emails and the links can remain active for a period of time....
Anyway, yes, I can normally hack people who give me their MSN account... or yahoo... or err... easiest is myspace. Anyway, sounds like it can't happen, however, everyone leaves footprints on the net.
A suggestion for people in the future is don't use your GW account's email and password on other sites.
Keep a separate email for GW only...
Keep a separate email for just signing up for things...
Keep a separate email for banking...
Keep a.... do you get it now?
Update your systems, especially your browsers and any third party software that you use. You are never fully protected. For that you would have to take a pair of scissors to your cat5 cable.
Tarun
Hack a Guild Wars account with an MSN/Hotmail/Live/.NET address? I call BS. It can be possible, though not as much as claimed.
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet?I'd like to hear about these "exploits" and how it's a beacon.
Numa has summed it up nicely.
As I mentioned it's often done by someone who you know and they know you. People don't realize their secret questions for their hotmail is often something that even their friends might know, or can ask and find out that easily.
Your best protection is knowledge. I'm quite confident in my knowledge about computers and the Internet. Even my boss seems to think so, as I'm the head technician at my workplace. I'm so confident in my knowledge of computers and how things work that I don't run an anti-virus at all. I choose to run a firewall because I prefer to see where the programs I use are going to online.
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet?I'd like to hear about these "exploits" and how it's a beacon.
Quote:
|
Originally Posted by Numa Pompilius
When you get hacked it's for one of three reasons:
1) You've used an easily guessable password (e.g. username Ku Ku, password Ku Ku). 2) You've downloaded and run a keylogger. Usually these masquerade as cheats or hacks; anyone running crap like that get what they deserve. 3) You've given your password to someone who wasn't trustworthy. Maybe you've told your brother? Maybe you use the same password everywhere? Maybe you have it written down on a post-it next to your computer at work? Maybe you told the "ANet employee" who mailed you and asked for it? |
As I mentioned it's often done by someone who you know and they know you. People don't realize their secret questions for their hotmail is often something that even their friends might know, or can ask and find out that easily.
Your best protection is knowledge. I'm quite confident in my knowledge about computers and the Internet. Even my boss seems to think so, as I'm the head technician at my workplace. I'm so confident in my knowledge of computers and how things work that I don't run an anti-virus at all. I choose to run a firewall because I prefer to see where the programs I use are going to online.
The Way Out
Quote:
|
Originally Posted by Tarun
Hack a Guild Wars account with an MSN/Hotmail/Live/.NET address? I call BS. It can be possible, though not as much as claimed.
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet?I'd like to hear about these "exploits" and how it's a beacon. Numa has summed it up nicely. As I mentioned it's often done by someone who you know and they know you. People don't realize their secret questions for their hotmail is often something that even their friends might know, or can ask and find out that easily. Your best protection is knowledge. I'm quite confident in my knowledge about computers and the Internet. Even my boss seems to think so, as I'm the head technician at my workplace. I'm so confident in my knowledge of computers and how things work that I don't run an anti-virus at all. I choose to run a firewall because I prefer to see where the programs I use are going to online. |
Guild Wars has a small underground culture of people that are very tech savy. One of the runs this forum. Lastly, I personally know over ten people that were packet hacking awhile back. I think they fail, however, they were into a lot of shady crap. Anyway, I am going to shut up. Apparently I don't know what I am talking about and people are just going to jump to conclusions here.
Tamuril elansar
just don't download key loggers and don't tell you're password to anyone.
thats one simply solution to hacking.
thats one simply solution to hacking.
The Way Out
Quote:
|
Originally Posted by Tamuril elansar
just don't download key loggers and don't tell you're password to anyone.
thats one simply solution to hacking. |
Musei Karasu
Quote:
|
Originally Posted by Tarun
I call BS.
|
Seeing as how I can think of how to do it right now without really working hard on the thought I'm very positive it can be done, although not as easily as The Way Out is suggesting. It would take a bit of work. It's very scary what someone can do to you with just a tiny little bit of information.
Ekelon
Surprisingly, Guild Wars is the one game where I don't hear much about people being hacked. There is rumor about recent hackers using the "easy password" method, where, once they obtain your e-mail account, they will try all common passwords, and if it doesn't work, move on to the next e-mail account. My suggestion is, don't share accounts, and don't have an easy password (use 8+ letters and use both numerals and alphabet letters).
The Way Out
Quote:
|
Originally Posted by Musei Karasu
I don't. Would you like to compare credentials?
Seeing as how I can think of how to do it right now without really working hard on the thought I'm very positive it can be done, although not as easily as The Way Out is suggesting. It would take a bit of work. It's very scary what someone can do to you with just a tiny little bit of information. |
They are one of the most commonly deleted thread on this forum.
"I've been hacked!"
Followed by ten people flaming them and blaming them for it happening. Then a mod closing it.
Lastly, guessing common password was a really old school way of doing things. There are much easier ways of doing things. Anyone with php, javascript, html, and basic network communication skills can do a lot of things they are not supposed to.
Numa Pompilius
It's hard to separate reality from myth on how common it is to get GW accounts hacked. It happens, no doubt about that, but on the other hand "I've been hacked!" is the second most common excuse (after "my brother did it when I forgot to log out!") when someone does something stupid, gets banned, and tries to come up with a reason why he should be unbanned.
The Way Out makes a good point with the "forgotten password emails" (who doesn't have some emails like that in their archived inbox?) but AFAIK that doesn't really apply to GW, as NCSoft don't mail out new or forgotten passwords, it's more a forum/website security problem.
Also I think one must separate between hacking anything and hacking something that matter - sure, I have emails with passwords for filesplanet and random webfora in my MSN inbox, but I really couldn't care less if someone found them, because there's no passwords for stuff that matter, like banking or commerce. Or guild wars.
The Way Out makes a good point with the "forgotten password emails" (who doesn't have some emails like that in their archived inbox?) but AFAIK that doesn't really apply to GW, as NCSoft don't mail out new or forgotten passwords, it's more a forum/website security problem.
Also I think one must separate between hacking anything and hacking something that matter - sure, I have emails with passwords for filesplanet and random webfora in my MSN inbox, but I really couldn't care less if someone found them, because there's no passwords for stuff that matter, like banking or commerce. Or guild wars.
Undivine
Although nowhere near as experienced as No Way Out, I have a bit of knowledge in networking and to some extend, network security. It wouldn't surprise me if MSN gives you that kind of opening.
However, let's get things clear; we will not have information on how to hack anything in this forum. So watch what you say!
However, let's get things clear; we will not have information on how to hack anything in this forum. So watch what you say!
The Way Out
Quote:
|
Originally Posted by Undivine
Although nowhere near as experienced as No Way Out, I have a bit of knowledge in networking and to some extend, network security. It wouldn't surprise me if MSN gives you that kind of opening.
However, let's get things clear; we will not have information on how to hack anything in this forum. So watch what you say! |
NOT EVERYONE THAT GETS HACKED IS TO BLAME FOR GETTING HACKED!
Sometimes they are, however, not everyone is. When asked how, I explain that it is possible. Don't call me out, and when I point you to where you can find that kind of information, condemn me for promoting hacking. If anything, I think I have made it pertinently clear that I am against it and advise people to be a bit more cautious with their information.
Also, was that a typo about the No Way Out call out, or are you hurting my feelings? lol
Undivine
Oh, no no no... If I had thought you were telling people how to hack I would've already deleted your posts. Just a general warning to everyone not to get too detailed, as there seems to be more than just you who knows a thing or two about hacking.
The Way Out
Quote:
|
Originally Posted by Undivine
Oh, no no no... If I had thought you were telling people how to hack I would've already deleted your posts. Just a general warning to everyone not to get too detailed, as there seems to be more than just you who knows a thing or two about hacking.
|
Wild Karrde
You can generally crack a password under 10 characters long in about 5 minutes
and the time goes up by alot from there. If you want to have a good safe password that would take forever or cant be cracked it needs to be about 21 characters long.
My friend is good with computers and he can crack just about any password I have if its under 10 chars in about 5 mins. I trust him so I let him do it. He knows what hes talking about. If you really want a good password make it LONG with a combination of letters and numbers. I guess special characters like * or _ or something wouldnt hurt either.
and the time goes up by alot from there. If you want to have a good safe password that would take forever or cant be cracked it needs to be about 21 characters long.
My friend is good with computers and he can crack just about any password I have if its under 10 chars in about 5 mins. I trust him so I let him do it. He knows what hes talking about. If you really want a good password make it LONG with a combination of letters and numbers. I guess special characters like * or _ or something wouldnt hurt either.
Kanyatta
Quote:
|
Originally Posted by Ku Ku
Several guild mates and friends of mine have lost everything in the last few months
|
Tarun
Still watching for an answer to my questions. 
Holly Herro
I have the ultimate password for everything.. but it's only 6 characters >_> <_<
And you deserve a punch in the face
Quote:
|
Originally Posted by Kanyatta
Then your friends gave their password and/or e-mail to someone that they shouldn't have. IMO, they deserved to have their accounts taken.
|
Ku Ku
Quote:
|
Originally Posted by Holly Herro
I have the ultimate password for everything.. but it's only 6 characters >_> <_<
And you deserve a punch in the face |
They were also the least trusting people i know, and i distincly remember an arguement springing up one time between one of them and their partner about the fact he wouldnt giver her his p/w while he was at work! So yes, that comment was wholely unuseful and thanks to you nerdy lot for pointing that out to peoples :P
i guess i am just getting sick of people pming me and saying... you'll never guess what happened last night... x got hacked... they've taken everything... and yeah im not too clued up on security (i know the basics.. strong passwords, how trojans work etc) so it was just a suggestion XD
(I think im going to stop starting threads... its not good for my complexion to get flamed so much and lotion is expensive!)
Ku xxx
Numa Pompilius
Thing is... I don't know anyone who's actually been hacked, but a bunch of people in your guild has. By the sound of it, you guys are definitely getting hit more often than average.
That suggests that the culprit may be closer to you than you think.
Not only that, but deleting the warrior like that sounds like a joke/prank, it's not typical "goldseller steals account to rob and use for botting" behavior.
Perhaps you guys have discussed passwords in a bit too much detail, and one or several of you have an interesting sense of humor. Alternatively one of you have written or modified a keylogger so it isn't picked up by anti-virus software -that's not hard- and distributed it among you.
But hey, what do I know.
That suggests that the culprit may be closer to you than you think.
Not only that, but deleting the warrior like that sounds like a joke/prank, it's not typical "goldseller steals account to rob and use for botting" behavior.
Perhaps you guys have discussed passwords in a bit too much detail, and one or several of you have an interesting sense of humor. Alternatively one of you have written or modified a keylogger so it isn't picked up by anti-virus software -that's not hard- and distributed it among you.
But hey, what do I know.
genofreek
I was sort of thinking that myself. If a lot of one guild is getting this done to them, and nobody's been downloading, it's worth clamping down on the "lol if you type your pw in alliance chat it shows up as stars ******** see" sort of thing.
freaky naughty
As long as you're not completely stupid you probably won't be hacked.
/notsigned.
/notsigned.
Kanyatta
Quote:
|
Originally Posted by freaky naughty
As long as you're not completely stupid you probably won't be hacked.
/notsigned. |
listen to this guy.
"ZOMG! I did Across The Wall in pre with this guy. I can trust him with my account info. He says he's good!"
Alex Morningstar
There is a simple answer. You already stated it, you (along with other users) want to take the lazy road and have Anet or NCsoft hand it to you on a platter.
Make a masterNC account, change your password frequently. It's YOUR account, it's YOUR responsibility to maintain security for it. That means don't give out your info, do not give it out to your friends, do not use a commonly used email as your sign-in, do not buy services such as power levelling or in-game gold. The latter, I'm sure they could check whatever password and email you register with against the account you give them.
Use your brain.
Make a masterNC account, change your password frequently. It's YOUR account, it's YOUR responsibility to maintain security for it. That means don't give out your info, do not give it out to your friends, do not use a commonly used email as your sign-in, do not buy services such as power levelling or in-game gold. The latter, I'm sure they could check whatever password and email you register with against the account you give them.
Use your brain.
The Way Out
Please read down a bit. Typically speaking, people that get their account hacked have a friends list that travels with them. You normally have a friends list that has many members in your guild on it. I have had four people get hacked in my guild. I caught a hacker on a guild members account trying to give away all of his items in the guild hall. He was asking for everyone MSN account info. Without going into detail yet again about the fact that your MSN can be hacked (along with other things), I will just shut up and keep silent.
Last, if you don't think your MSN can be hacked... post it and sit back in confidence.
If you laugh at people getting hacked, I honestly hope you yourself get hacked someday. That will but a ton of humility into you and make you a little more receptive to your limited logic and understanding.
I have answered questions that were asked about anti-hack measures here like three times. If you don't want to hear the answer... stop asking. If you only want to hear the answer you are looking for... keep listening to the retards that tell you that you won't ever get hacked because you are too smart to give away your password.
Last, if you don't think your MSN can be hacked... post it and sit back in confidence.
If you laugh at people getting hacked, I honestly hope you yourself get hacked someday. That will but a ton of humility into you and make you a little more receptive to your limited logic and understanding.
I have answered questions that were asked about anti-hack measures here like three times. If you don't want to hear the answer... stop asking. If you only want to hear the answer you are looking for... keep listening to the retards that tell you that you won't ever get hacked because you are too smart to give away your password.
Tarun
The Way Out, since you avoided answering my questions once either please answer them in a timely manner or simply admit you really don't know half of what you're claiming.
You're not going into detail because you do not know is how it seems to me, and it's rather obvious. Claim all you want that you're in security or a "white hat" but that means nothing, because there are so many self appointed <insert title here> types online. To me you're acting just like one of them. Talking as though you're an expert in the field yet when challenged you lack the common knowledge (yes it's common knowledge for anyone with their respective degrees/certification) to explain it.
Here are my easy to answer questions for you, again:
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet? I'd like to hear about these "exploits" and how it's a beacon.
You're not going into detail because you do not know is how it seems to me, and it's rather obvious. Claim all you want that you're in security or a "white hat" but that means nothing, because there are so many self appointed <insert title here> types online. To me you're acting just like one of them. Talking as though you're an expert in the field yet when challenged you lack the common knowledge (yes it's common knowledge for anyone with their respective degrees/certification) to explain it.
Here are my easy to answer questions for you, again:
Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet? I'd like to hear about these "exploits" and how it's a beacon.
The Way Out
Quote:
|
Originally Posted by Tarun
The Way Out, since you avoided answering my questions once either please answer them in a timely manner or simply admit you really don't know half of what you're claiming.
You're not going into detail because you do not know is how it seems to me, and it's rather obvious. Claim all you want that you're in security or a "white hat" but that means nothing, because there are so many self appointed <insert title here> types online. To me you're acting just like one of them. Talking as though you're an expert in the field yet when challenged you lack the common knowledge (yes it's common knowledge for anyone with their respective degrees/certification) to explain it. Here are my easy to answer questions for you, again: Suffering from exploits through MSN and XFire? A "home beacon" for finding the user's pc on the Internet? I'd like to hear about these "exploits" and how it's a beacon. |
http://www.bestsecuritytips.com/news...toryid+300.htm
http://www.us-cert.gov/current/archi...3/archive.html
These are two that some people use if your messenger client is not updated....
Again, I advised people earlier to update software on their systems.
I am trying not to give out too much information for people to begin misusing. If you don't see I am attempting to be helpful, then just ask me to stop sharing and I will. I answered you earlier. If you want to learn more about vulnerabilites around MSN and XFire... .Net and IE... Firefox and Myspace... etc... use either of the following...
www.google.com
www.us-cert.gov
You will quickly see that software developers are always one step behind hackers. If you don't update your software regularly, you will be at a greater risk the longer you wait.
I have worked in security for awhile now, and do a lot of consulting. Many people that I consult for tell me that they have anti-virus installed. More than half have never updated their anti-virus. Some client still have Norton 2002 or 2005 on their systems and call that protection.
Keeping your system up-to-date cuts a large portion of your exposure out. Running different programs for antivirus, anti-spyware, firewall, and registry guarding are a good means of security. Most people throw their security into an all-in-one suite that become a single point of failure (meaning that if the program gets corrupt or compromised, the system become entirely exposed). A hardware firewall is cool to have on your router, however, I don't recommend it for average to low-end users (you need a little knowledge about TCP and UDP traffic). Updating your firmware on you modem, router, and network adapters are recommended. Anyway, i think I am done with this thread. People are going to be pigheaded about this. Take care, everyone!
Good Luck!
Ctb
Quote:
| As long as you're fairly experienced with computers you probably won't be hacked. |
The entire computing industry has spent decades trying to idiot-proof computing applications while simultaneously ramping up the vast number of things those applications do. IT departments simultaneously introduce grander tools in the workplace while removing the level of maintenance the user has to peform on them.
Furthermore, a hefty number of the threats people face from the Internet have nothing to do with anything they can control. The entire system right down to the core protocols is ripe for abuse, with next to no thought ever given to security.
People aren't 'stupid' for not knowing these things, they just haven't been told how to do it because smarmy geeks would rather show off their "intellect" than take the time to explain how something works.
I've argued for years that applications and IT shouldn't be idiot-proofing computing for people because you wind up instilling a sense of wonder at the machines. People have come to view computers as almost magical, arcane things that only a privileged few can provoke desired behaviors from. They treat computers like complicated and brittle things because nerds have, for years, taken the attitude that they're better than everyone else and they'd rather just shove the user aside and do everything for that user than share their precious knowledge.
I don't blame users for not seeking out how to do these things, I blame smartass nerds with no social ability for not sharing their knowledge with the "plebes". I've fallen into that trap too, but lately I've been trying to interact more directly with people who have problems to try and get them to understand how to do things for themselves rather than having to rely on people that are no longer available after 5:00 PM.