GOMTV.net compromised - Page 43
Forum Index > SC2 General |
S.O.L.I.D.
United States792 Posts
| ||
IronWolf
South Africa315 Posts
| ||
KevinIX
United States2472 Posts
| ||
nalgene
Canada2153 Posts
On August 16 2011 04:38 sluggaslamoo wrote: Fucking GOM, companies that aren't proactive about their security never will be, even if they patch all their current problems, because they don't know crap about security their coders will just create more holes for breaches as they keep making their crap media player. So I will never trust them in the future. It's unfortunate that they only have like 6 options in their media player for renderer options ( a few VMR7/9's / overlay mixer, but no option to use madVR as a video renderer ), and it also doesn't work with vsfilter either. | ||
Sokalo
United States375 Posts
Greeeat. | ||
BigFan
TLADT24917 Posts
| ||
Mohdoo
United States15082 Posts
On August 16 2011 07:43 Sokalo wrote: Hmm, just received an e-mail asking me to verify my new battle.net account registered to my e-mail I used to register with GOM. My real battle.net account uses a smurf e-mail. Greeeat. Same, which is really interesting. The email account I use for GOM is different than that of Battle.net, yet I got an email from Blizzard saying that my account has been locked until I verify who I am. | ||
Goldfish
2230 Posts
On August 15 2011 18:59 kyophan wrote: I think the answer is probably not necessary, but just to make sure. Is it recommended that I get a new main email? Yep it's not really needed. Just make sure you password is unique to that email only and make sure it's long and contains a combo of numbers and letters. Though I recommend using or creating an email solely for lesser important sites like forums and GOMTV for example. Like my previous post, so far this has happened to - GOMTV, Sony, Bioware, EA games, Mozilla (they accidentally uploaded passwords/account info somewhere based on firefox addon accounts >.<), etc. Make sure to use unique passwords for everything. Additionally recommendations (long post): + Show Spoiler + You can create one email for talking with friends only (but said email is not registered to any site or forum). The reason for this is typically sometimes friends may actually do a reply all or whatever instead of using BCC causing all "their" friends or contacts to see your email. Basically a lot of people will know your email address and the more you have, the more chances someone may try to steal it (This is just to be extra safe or paranoid if you want as the chances of people trying to get into your email are probably low and the chances of them succeeding are much lower if you use a unique long password. This is just to be safe). Create one main/important email all the important things like bank, paypal, battle.net, etc. You can additionally also add things like Steam account, or EA Games and/or Playstation Network or if you can just create another email for those. Finally a third(or fourth if you're doing the latter of the above) email for stuff that isn't as important like GOMTV, forums, etc. That is if you lose that email, no major damage would be done and nothing too valuable would be lost. Yeah I know it's overkill and typically one or two emails is enough but if you want to be extra safe, I'd suggest at least having one email dedicated to stuff that isn't as important like forums or the like. This will be your "throw away email" (if it gets hacked or lost, nothing too bad would happen since it's not your main email). It's a good system and most email providers do not really care if you make multiple accounts and use them. Finally of course use all different passwords for everything. Also remember to log into every email you have at least once every two weeks or so. Most email providers have a term where if your account is inactive for a certain amount of time (I think Yahoo for example is 2 or 3 months and gmail is maybe 9 months), it gets deleted due to inactivity. So log onto your account at least once every two weeks or so (make sure to do a quick memory scan with anti virus software[avast for example has it if you set up a memory scan] or super antispyware, malware bytes, windows defender, etc just in case before logging on all your email). | ||
Deleted User 101379
4849 Posts
On August 16 2011 08:17 Goldfish wrote: Yep it's not really needed. Just make sure you password is unique to that email only and make sure it's long and contains a combo of numbers and letters. Though I recommend using or creating an email solely for lesser important sites like forums and GOMTV for example. Like my previous post, so far this has happened to - GOMTV, Sony, Bioware, EA games, Mozilla (they accidentally uploaded passwords/account info somewhere based on firefox addon accounts >.<), etc. Make sure to use unique passwords for everything. Additionally recommendations (long post): + Show Spoiler + You can create one email for talking with friends only (but said email is not registered to any site or forum). The reason for this is typically sometimes friends may actually do a reply all or whatever instead of using BCC causing all "their" friends or contacts to see your email. Basically a lot of people will know your email address and the more you have, the more chances someone may try to steal it (This is just to be extra safe or paranoid if you want as the chances of people trying to get into your email are probably low and the chances of them succeeding are much lower if you use a unique long password. This is just to be safe). Create one main/important email all the important things like bank, paypal, battle.net, etc. You can additionally also add things like Steam account, or EA Games and/or Playstation Network or if you can just create another email for those. Finally a third(or fourth if you're doing the latter of the above) email for stuff that isn't as important like GOMTV, forums, etc. That is if you lose that email, no major damage would be done and nothing too valuable would be lost. Yeah I know it's overkill and typically one or two emails is enough but if you want to be extra safe, I'd suggest at least having one email dedicated to stuff that isn't as important like forums or the like. This will be your "throw away email" (if it gets hacked or lost, nothing too bad would happen since it's not your main email). It's a good system and most email providers do not really care if you make multiple accounts and use them. Finally of course use all different passwords for everything. Also remember to log into every email you have at least once every two weeks or so. Most email providers have a term where if your account is inactive for a certain amount of time (I think Yahoo for example is 2 or 3 months and gmail is maybe 9 months), it gets deleted due to inactivity. So log onto your account at least once every two weeks or so (make sure to do a quick memory scan with anti virus software[avast for example has it if you set up a memory scan] or super antispyware, malware bytes, windows defender, etc just in case before logging on all your email). What about having a catch all address? :p i have gomtv@..., teamliquid@..., blizzard@..., paypal@..., twitter@... and a lot more. It's a nice way to trace where the spam comes from. For example i recently received a mail that my ddo@... address that i only used for dungeons and dragons online for about half an hour was used to register a WoW account on SEA, so now i know that D&D Online has a leak and can't be trusted anymore. | ||
nalgene
Canada2153 Posts
| ||
YokaY
United States108 Posts
| ||
pluu
Austria36 Posts
| ||
giX
United States185 Posts
| ||
Dwelf
Netherlands365 Posts
| ||
MonDeW
Denmark369 Posts
| ||
Goldfish
2230 Posts
On August 16 2011 18:16 YokaY wrote: My e-mail and facebook password were changed, the IP address that logged in was from south korea South Korea (219.248.84.141). They weren't the same PW as my gom account which is rather unsettling. I could have a virus? but it seems too suspicious to be a coincidence. That's not good. Were the passwords short or long and how similar are they to the GOM account? I suggest doing a virus scan. | ||
fant0m
964 Posts
http://mobile.slashdot.org/story/11/07/24/1715232/Android-Password-Data-Stored-In-Plain-Text Read the comments on this story. For the most part, if a hacker has access to your system, they have access to whatever method you use to decrypt, so it's kind of pointless. | ||
Zinnwaldite
Norway1567 Posts
| ||
rasnj
United States1959 Posts
On August 17 2011 07:55 fant0m wrote: Actually, I wouldn't really fault Gom that much for storing it in plain text. http://mobile.slashdot.org/story/11/07/24/1715232/Android-Password-Data-Stored-In-Plain-Text Read the comments on this story. For the most part, if a hacker has access to your system, they have access to whatever method you use to decrypt, so it's kind of pointless. Unless there is no way to decrypt it (or at least no way to decrypt it in 10000 years). Which is the right way to go about password protection. Store an encrypted password E. When user enters password P you perform encryption on P and compares the result with E. This is the accepted method for password protection. This is done either by having several passwords map to the same encrypted string (ala md5), or have a type of encryption where decryption is a very hard computational problem that would take millions of years with millions of supercomputers. Or a combination. | ||
Predateur
Canada79 Posts
This is a huge business, it's unacceptable to have plain-text password on their server like this. This is an example where a company neglect technology and they are going to loose a lot of customer because of this. I won't make any more purchase on their website. I'll just watch match 1 of each serie and not risk my info. | ||
| ||