Official forums down

47 Pages
« First
←
2
3
4
5
6
→
Last »

You cannot start a new topic
You cannot reply to this topic

Official forums down

#61 Agra

Experienced Spammer

Group: Moderators
Posts: 572
Joined: 30 April 2011
Twitter:@lux_lotro
Location:Myrthenhof 6, Weinhall, Auenland
Server:Morthond
Kinship:Lux aeterna

Posted 12 October 2011 - 16:30

Rarehero, on 12 October 2011 - 16:22, said:

Maybe we should start a counter offensive and start our own competition. Everybody, who retweets our complains, takes part in a competition

MueR, on 12 October 2011 - 16:23, said:

Randomly selected winner gets a forum title?

LotRO Serverstatus Widget für deine Webseite: http://lux-hdro.de/serverstatus.php
LotRO Serverstatus Sidebar Gadget: http://lux-hdro.de/download.php
LotRO Serverstatus RSS: http://lux-hdro.de/s...rstatus-rss.php
LotRO MP Signaturgenerator: http://lux-hdro.de/mp-signatur.php
LotRO Online Signaturgenerator: http://lux-hdro.de/signatur.php

#62 cossieuk

Font of Wisdom, 2011

Group: Members
Posts: 557
Joined: 28 April 2011
Server:Snowbourn

Posted 12 October 2011 - 16:30

Rosiebelle, on 12 October 2011 - 16:22, said:

Something else interesting I just noticed that is different from earlier. I know I had entries for lotteries ending on 12 October. Now when I go to the lotteries page it says I have no current entries.

The lotteries finished at 11 am ESB which is 4 pm in the UK so they should have disappeared

#63 Rosiebelle

Senior member

Group: Members
Posts: 127
Joined: 28 April 2011
Server:Snowbourn
Kinship:The Stars of Eldarion

Posted 12 October 2011 - 16:31

You are right. It is the 12th already. I am in denial about the date because I have a horrible hospital appointment tommorow!

#64 Agra

Experienced Spammer

Group: Moderators
Posts: 572
Joined: 30 April 2011
Twitter:@lux_lotro
Location:Myrthenhof 6, Weinhall, Auenland
Server:Morthond
Kinship:Lux aeterna

Posted 12 October 2011 - 16:32

Databaseserver LotrO was toegankelijk voor anonieme gebruikers
http://tweakers.net/...gebruikers.html

#65 MueR

Also known as Eru

Group: Administrators
Posts: 430
Joined: 27 April 2011
Twitter:@Rhyaehar
Location:The Netherlands
Server:Laurelin
Kinship:Nimminas

Posted 12 October 2011 - 16:33

I had nothing to do with that, honest O-)

I wield the Banhammer.
Fear me, but only if you feel you deserve a ban.

#66 SellingTheDrama

Junior Spammer

Group: Members
Posts: 345
Joined: 13 September 2011
Location:running around as the Emperor's Wrath doing his bidding
Server:Kellar's Void

Posted 12 October 2011 - 16:38

Rosiebelle, on 12 October 2011 - 16:24, said:

All my characters that I can see via the widgets still have all their paltry sums of gold (if the widgets are updating properly). I'm at work so can't log into the game. Is there much chatter on global about the forums or has the word "forum" been added to the naughty words filter?

i tried bringin it up a couple time and no one seemed to care...lol

Turbine: Powered by their fans
at least until milked dry
to feed the corporate lie

#67 cossieuk

Font of Wisdom, 2011

Group: Members
Posts: 557
Joined: 28 April 2011
Server:Snowbourn

Posted 12 October 2011 - 16:44

Given that there was over 1 million accounts in the DB does this mean we finally have an idea of the population of LOTRO

#68 Agra

Experienced Spammer

Group: Moderators
Posts: 572
Joined: 30 April 2011
Twitter:@lux_lotro
Location:Myrthenhof 6, Weinhall, Auenland
Server:Morthond
Kinship:Lux aeterna

Posted 12 October 2011 - 16:47

cossieuk, on 12 October 2011 - 16:44, said:

Given that there was over 1 million accounts in the DB does this mean we finally have an idea of the population of LOTRO

Hmmm.... over 1 million different ~~people~~ emailadresses have ~~played 1 or more days?~~ registered an account?

#69 Spheric

Junior Spammer

Group: Members
Posts: 355
Joined: 28 April 2011
Location:Florida
Server:Brandywine

Posted 12 October 2011 - 17:04

You know, the fact that Turbine has ignored this danger since they first tied the forums to actual game accounts despite repeated warnings over and over again from their players is bad enough. But, then to find out that their data has been open for public access all this time on top of it all is absolutely stunning. It's almost unbelievable that they would be this careless with their customers' data. It goes well beyond incompetence. Well beyond.

Comparisons to the carelessness of Sony in how they handled their customers' sensitive information is appropriate, in my humble opinion. This ranks right up there with that.

"I guess you think you can psych me out by saying really random stuff." -Sora, Hollow Bastion, KH2
"I want no part of a group whose members kill each other." -Baralai, Den of Woe, FFX-2

Now I know how the elves feel. All the magic is leaving Middle Earth.

I'm right 97% of the time. Who cares about the other 4%?

#70 Darmokk

Experienced Spammer

Group: Members
Posts: 861
Joined: 15 September 2011
Location:Boston, MA, USA
Server:Landroval
Kinship:Gathering of Grognards

Posted 12 October 2011 - 17:05

Looks like Turbine is finally paying the price for rushing a new community site, launch it half-working and then never polish it up. Deserved^3.

Who wants to take a bet whether the encrypted passwords were salted or not?

And you know what the best part is?

#71 Spheric

Junior Spammer

Group: Members
Posts: 355
Joined: 28 April 2011
Location:Florida
Server:Brandywine

Posted 12 October 2011 - 17:08

Darmokk, on 12 October 2011 - 17:05, said:

Who wants to take a bet whether the encrypted passwords were salted or not?

It appears they were not from other posts I have read.

#72 Darmokk

Experienced Spammer

Group: Members
Posts: 861
Joined: 15 September 2011
Location:Boston, MA, USA
Server:Landroval
Kinship:Gathering of Grognards

Posted 12 October 2011 - 17:21

Spheric, on 12 October 2011 - 17:08, said:

It appears they were not from other posts I have read.

Of course not. The vbulletin password store would have salted the password when encrypting. But Turbine in their wisdom had decided to not use the vbulletin password store and roll their own (among other things that's why you get the "sp_login?" crap after a timeout).

And I think nobody here has any illusions how much energy Turbine spends on the forum and community site. As long as it's pretty that's fine with them. My bet is on a totally naive security by obscurity approach and no salt.

I just hope I find my characters intact when I log in again.

#73 The Bohunk

Senior member

Group: Members
Posts: 172
Joined: 04 October 2011
Location:USA

Posted 12 October 2011 - 17:40

Darmokk, on 12 October 2011 - 17:21, said:

And I think nobody here has any illusions how much energy Turbine spends on the forum and community site. As long as it's pretty that's fine with them.

That seems to be how they're approaching the game's development, too.
We shouldn't be too surprised...

#74 thordsvin

Junior Spammer

Group: Members
Posts: 308
Joined: 02 May 2011
Server:Dwarrodelf
Kinship:Awakened

Posted 12 October 2011 - 17:48

Silirien, on 12 October 2011 - 15:53, said:

They are trying to hide any comments about what happened with a spam of people retweeting this offer - the only thing you can really see when looking at the #lotro tag at the moment are the retweets, anything about the breach is low-low below and hard to spot.
This happened before when people tried to post about them removing official responses from forums etc.

Actually this give away has been going on everyday for a few weeks now. They're not trying to hide anything with this, they're just sticking their heads in the sand.

Edit: And now they've added a flash lottery too so maybe they are trying to drown out the noise.

Proud Officer of Awakened on Dwarrodelf:
Thordsvin : Minstrel
Akahana : Warden
Thordsven : Runekeeper

Joe "Jwbarry" Barry: "... because there was a thread in the book to hang ourselves from..."
Sapience: "No gear is permanent. Characters 'out grow' their gear."
"We will not sell end-game gear. "
Orion: "Something needs to go here"

#75 Dalthalion

Experienced Spammer

Group: Members
Posts: 1,099
Joined: 03 May 2011
Location:California
Server:Windfola
Kinship:Danger Associated

Posted 12 October 2011 - 17:57

thordsvin, on 12 October 2011 - 17:48, said:

The Romans had a term for distractions like this: panem et circenses

"Getting a chuckle out of reading unofficial forums. Don't confuse us with facts, we have conspiracies to promote! :)" - Sapience (@rickheaton), in full denial
"If someone who always supports a position is a shill , does that mean someone who refutes it constantly is a shill for the opposition?" - Sapience (@rickheaton), a shill
"Pssst, people who think they're being sooper sekret.... I see you! :)" - Sapience (@rickheaton), waxing paranoid
"Hate to ruin a perfectly good conspiracy theory, but I never worked on Hellgate. Sorry folks." - Sapience (@rickheaton), former associate of Ping0
"One last thing I'd like to mention is that there seem to be some former members of the community who have decided to add to the concerns and issues surrounding the transition by misrepresenting some facts. Primarily, banning is almost always a last resort. It usually takes a willful act (indeed a series of them) on the part of the party being removed from the community to get banned. Multiple warnings, infractions, and appeals are usually involved. Often times warnings are informal and sent via PM or a simple post asking those involved to change the subject, refrain from posting certain topics, etc." - Sapience, LOTRO Forum Topic Clarification Needed On Profanity Community Guideline
"I may never leave work. Tornados keep popping up between me and home." - Sapience (@rickheaton), with a poor understanding of justice
"... this *is* Sapience we're talking about, he's a big, mean....****Bzzzzzztttt****cli ck****Account Deleted...****" - Arbalister, Sapience's fanboy, in a moment of rare insight.
"It's not what you say, it's how you choose to say it." - Sapience, LOTRO CSM
"It is not what you say that matters, but the manner in which you say it ..." - William Carlos Williams, avowed socialist
Sapientis bardus est.

#76 Agra

Experienced Spammer

Group: Moderators
Posts: 572
Joined: 30 April 2011
Twitter:@lux_lotro
Location:Myrthenhof 6, Weinhall, Auenland
Server:Morthond
Kinship:Lux aeterna

Posted 12 October 2011 - 17:59

thordsvin, on 12 October 2011 - 17:48, said:

Edit: And now they've added a flash lottery too so maybe they are trying to drown out the noise.

Eventually they could not fix the issue soon, because they are not hosting a vBulletin out of the box.

#77 Vardiel

Junior Spammer

Group: Members
Posts: 404
Joined: 28 April 2011
Twitter:@KarmaKarhu
Location:Finland
Server:Evernight
Kinship:Ardorin Hovi

Posted 12 October 2011 - 18:17

Darmokk, on 12 October 2011 - 17:05, said:

Best part, or "best" part? I think "best" part is that we suffer from their failures. Best part would be jobs lost and new people hired as well as new modus operandi. Wishful thinking of course.

- Don't listen to what I say, but what I think.

#78 Bell of Eternity

Junior member

Group: Members
Posts: 16
Joined: 30 April 2011

Posted 12 October 2011 - 18:20

Unsalted passwords? I guess I shouldn't be surprised, the fact that this hole exists in the first place is informative of their security practises in general. Tell me they were in md5 too? - I guess they were, if someone's been able to figure that they're unsalted.

If I were made an unsalted password storage, my boss no doubt would come around and slap me around with my keyboard. But since we use Cake framework, salting comes built in already...