# HACKED!?



## Charrio (Aug 12, 2007)

WTF? Are you all seeing this?


----------



## crimsonwolf90 (Aug 12, 2007)

actually yes.^^

someone changed the attention thing....and, although funny, isn't right.


----------



## Sslaxx (Aug 12, 2007)

Oh boy... don't people have anything new to do other than lame crap like this.


----------



## Charrio (Aug 12, 2007)

crimsonwolf90 said:
			
		

> actually yes.^^
> 
> someone changed the attention thing....and, although funny, isn't right.


***Copied from the rightside Fender info thingy***

I just stole all the databases! All your passwords are belong to us.

Again.

We are Keyser Soze.

And we have hacked FurAffinity, from INSIDE THE HOUSE (Or at least, FA:United!)

We control all the horizontal, the vertical, we control all that you see and hear.

We can bombard you with a thousand fatfurs, or expand one shitty babyfur to crystal clarity...

AND BEYOND!

Welcome to.. The Furry Limits.

This is an Informational Broadcast by the Society for The Prevention Of Huge Jew Noses.

9

7

3

6

5

9

FOREVER


----------



## Charrio (Aug 12, 2007)

So does this mean we all have to change our passwords immediately or after we gain control again?


----------



## Janglur (Aug 12, 2007)

MAYBE NOW the admin will take security issues seriously?


----------



## Sslaxx (Aug 12, 2007)

Probably. I'd do so just to be on the safe side.


----------



## Dr.Wilopolis (Aug 12, 2007)

Argh, what kind of MORONS would just jump on into FA like this? *sigh* Hope the REAL owners get it back. Well, I changed my passwords. May not matter atm, but I don't care. Ugh... what are they thinking?! Well... Admins better do something soon.


----------



## Sslaxx (Aug 12, 2007)

It'll likely not be worth changing the password until the site is restored to normal, Wilopolis.


----------



## Orlith Nemeth (Aug 12, 2007)

Well, this is rather unfortunate... hopefully it gets rectified soon  poor FA always being abused....


----------



## Janglur (Aug 12, 2007)

Dr. Wil, if the DB has been compromised (and it sure fucking looks that way) then they can see your NEW password right now, too.

You're supposed to change it AFTER they regain control...


----------



## kawayama (Aug 12, 2007)

it's probably a better idea to wait to change your password until AFTER this is fixed. right now all you're doing is supplying the hackers with your new password.
if you use the same password on other sites, you should probably change it. now.


----------



## STrRedWolf (Aug 12, 2007)

Crap.  Now I'm at the "Can I *really* trust the admins now?" stage.


----------



## Lynxia (Aug 12, 2007)

Site is down now.

Let's just hope the Real Admins done it and are fixing things at the moment.


----------



## tagnard (Aug 12, 2007)

If i am correct they store our passwords as MD5 so we don't have to worry. But they just have to look in the access_log for the webserver to see who's the bad guy >.<'


----------



## crimsonwolf90 (Aug 12, 2007)

wow, never had this happen to me before.  I guess there's a first for everything.


----------



## Aikon (Aug 12, 2007)

These little basement dwelling computer geeks are pissin' me off.  These are the kind of people that you just wanna wrap both hands around their scrawny little necks and squeeze until the cows come home.  I might not even let go then.  This is seriously getting annoying....


----------



## Janglur (Aug 12, 2007)

STrRedWolf said:
			
		

> Crap.  Now I'm at the "Can I *really* trust the admins now?" stage.



When it became clear SOME kind of security leak occurred over a month ago and no action was taken to correct it, it became clear then that admin weren't able to be trusted with our security.  Or privacy.

This just confirms the first.


----------



## codewolf (Aug 12, 2007)

I doubt that it would be programmed without using md5 encryption


----------



## Janglur (Aug 12, 2007)

Explain why there were dozens of 'I can't log in' posts right before it went down then, Code?


I fear that my sources tell me the server's been compromised on a massive scale.


----------



## crimsonwolf90 (Aug 12, 2007)

This is just frustrating.  Not to mention this makes me want to find the blasted little moron and wring his neck.


----------



## edvixen (Aug 12, 2007)

Who else thinks this is the invasion group from 4chan? :? i don't wanna name things but come on.... "the pool is closed..." :x


----------



## SDWolf (Aug 12, 2007)

[Redundant post deleted.  Sorry!]


----------



## Sslaxx (Aug 12, 2007)

This looks like this could mean FA is down for a while, then... things are fitting together in a bad way indeed, Jangular! It looks like you're quite right that the security leak was more than the FA admin let on.


----------



## SDWolf (Aug 12, 2007)

Sheesh, if it's not one thing, it's another.  I'm just hoping the next build of FA's software (to be released When It's Ready(tm), which will hopefully be Soon(tm)), will be hardened against this sort of thing.

I have a feeling the admins aren't commenting here because they're either (a) busy at FA:U, or (b) too busy trying to fix the problem and get the site back up.  They probably started out at (a), but since the "temporarily offline" page is up, I'm sure they're at (b) now.

Also, has anyone else noticed that the forums are insanely slow right now?  I'm even getting MySQL "too many connections" errors.  DoS attack, or just too many furs wondering where their fapping materials went?  (j/k!)  

Take care, and good luck, Admins!


----------



## Chomperz (Aug 12, 2007)

I'm playing skeptic till i hear official words from the admins.

i mean seriously, if you had access to a popular site and you blew it on just resizing thumbnails, well... that's just dumb.


----------



## codewolf (Aug 12, 2007)

Janglur said:
			
		

> Explain why there were dozens of 'I can't log in' posts right before it went down then, Code?
> 
> 
> I fear that my sources tell me the server's been compromised on a massive scale.


well i'm afraid your sources may be slightly screwed then mate.....

the reason it would have done that is that if a site is going down one of the main things that goes first is the database or rather the connection to it...therefore if they tried to log in basically they'd be sending their passwords off into nowhere as there is nothing to reference the password to.....

and for those of you that don't know...if something has been stored in a database using MD5 encryption the password field in the database would read something along the lines of 51D7FE4312 rather than your password ("fish" for example)


----------
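An added example, not part of any post in this thread and not FurAffinity's code: what an unsalted MD5 password column of the kind discussed above looks like to anyone reading a leaked table, next to a salted, iterated record, with a rehash-on-login migration between the two. The record format, function names and sample accounts are assumptions constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Optional

PREFIX = "pbkdf2_sha256$"
ITERATIONS = 600_000  # assumption: work factor, tune to the server's budget


def legacy_md5(password: str) -> str:
    """Unsalted MD5 hex digest: always 32 hex characters, same input -> same output."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_record(password: str, salt: Optional[bytes] = None,
                  iterations: int = ITERATIONS) -> str:
    """Salted, iterated record in the form scheme$iterations$salt$derived_key."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{PREFIX}{iterations}${salt.hex()}${dk.hex()}"


def verify(password: str, stored: str) -> bool:
    """Check a password against either record type, in constant time."""
    if stored.startswith(PREFIX):
        iterations, salt_hex, _dk_hex = stored[len(PREFIX):].split("$")
        candidate = pbkdf2_record(password, bytes.fromhex(salt_hex), int(iterations))
        return hmac.compare_digest(candidate, stored)
    return hmac.compare_digest(legacy_md5(password), stored.lower())


def login(users: Dict[str, str], name: str, password: str) -> bool:
    """Verify, and replace a legacy MD5 record while the plaintext is in hand."""
    stored = users.get(name)
    if stored is None or not verify(password, stored):
        return False
    if not stored.startswith(PREFIX):
        users[name] = pbkdf2_record(password)
    return True


def shared_digest_groups(users: Dict[str, str]) -> List[List[str]]:
    """Accounts whose stored values are identical, i.e. visibly share a password."""
    by_value: Dict[str, List[str]] = {}
    for name, stored in users.items():
        by_value.setdefault(stored, []).append(name)
    return sorted(sorted(names) for names in by_value.values() if len(names) > 1)


# Constructed sample table: two accounts happen to use the same password.
SAMPLE_USERS = {
    "alice": legacy_md5("fish"),
    "bob": legacy_md5("fish"),
    "carol": legacy_md5("trout"),
}

if __name__ == "__main__":
    users = dict(SAMPLE_USERS)
    print("identical MD5 rows:", shared_digest_groups(users))
    login(users, "alice", "fish")
    login(users, "bob", "fish")
    print("identical rows after rehash:", shared_digest_groups(users))
```

Accounts that never log in again keep their MD5 record, so a migration like this is normally paired with a forced reset for the remainder.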



## HyBroMcYenapants (Aug 12, 2007)

OK ALL I HERE IS THIS.......BAWWWWWWWWWWW


LOL JUST KIDDING BUT DAMN YA'LL GOT OWNED


----------



## Orlith Nemeth (Aug 12, 2007)

SDWolf said:
			
		

> Also, has anyone else noticed that the forums are insanely slow right now?  I'm even getting MySQL "too many connections" errors.  DoS attack, or just too many furs wondering where their fapping materials went?  (j/k!)
> 
> Take care, and good luck, Admins!



That's actually probably the case, since last time i actually managed to connect to the Site Status forum, there were 466 guest users, and countless more registered users viewing the forum :/


----------



## dave hyena (Aug 12, 2007)

Preyfar made a site status post, giving some information about this:

http://www.furaffinityforums.net/showthread.php?tid=11488

More details will follow.


----------



## Sslaxx (Aug 12, 2007)

Wasn't it FA that had, unencrypted, passwords available via port 80 once? Why, Codewolf, should _anyone_ believe that the passwords are in anything other than plain text or ROT13 at best?


----------



## crimsonwolf90 (Aug 12, 2007)

I've got a word for this and it rhymes with muster bluck...^^

...anyways, one of the admins is on and apparently the database was just fine, at least, that's what they said.  It was "untouched" so to speak.


----------



## Allan (Aug 12, 2007)

I hear from a reliable source that someone got banned as a result of this drama.


----------



## codewolf (Aug 12, 2007)

Sslaxx said:
			
		

> Wasn't it FA that had, unencrypted, passwords available via port 80 once? Why, Codewolf, should _anyone_ believe that the passwords are in anything other than plain text or ROT13 at best?



because, to be perfectly honest...you'd have to be some sort of retard to not have passwords encrypted on a site with well over 40,000 users on it


----------



## SDWolf (Aug 12, 2007)

Hrmmmm....



			
Preyfar said:
			
		

> An administrative account was taken over...



Lovely.  Strong Passwords, anyone?

*le sigh*


----------



## Stratelier (Aug 12, 2007)

(Better change my forum pass just to be sure, separate accounts should use separate pwds anyway, but they get harder to remember that way....)


----------



## Jade-Starrz (Aug 12, 2007)

Well this was nice to wake up to. Now I can't check anything and some little hacker moron should have a foot shoved up his bum. I don't understand how people can have nothing else to do with their time to the point of hacking.


----------



## Dragoneer (Aug 12, 2007)

SDWolf said:
			
		

> Hrmmmm....
> 
> 
> 
> ...


The issue in question did not have to do with password strength -- it had to do with a vulnerability using public wireless networks.


----------



## Janglur (Aug 12, 2007)

Sslaxx said:
			
		

> This looks like this could mean FA is down for a while, then... things are fitting together in a bad way indeed, Jangular! It looks like you're quite right that the security leak was more than the FA admin let on.





			
codewolf said:
			
		

> Janglur said:
> 
> 
> 
> ...



I answer this with the following quote:



			
Sslaxx said:
			
		

> Wasn't it FA that had, unencrypted, passwords available via port 80 once? Why, Codewolf, should _anyone_ believe that the passwords are in anything other than plain text or ROT13 at best?




Considering the DB leaked not once, but twice, unencrypted..  yyyeeaaahhh.  Wouldn't surprise me if it wasn't encrypted now, either.  And a metric buttload of people couldn't log in.  Ten minutes later, errors came up, then moments later the site's down.  I doubt a ten minute timespan was JUST a case of server shutdown.  Seems a bit too long.

And we all know that at least one account leaked today.  I would not remotely doubt that it was more serious than admin are letting on, and the site defacement was only the tip of the iceberg.
After all, the stuff staff usually dismiss as unimportant seems to consistently blow up in their face.

After all, the last security issue was 'not that big a deal', enough that they didn't feel it necessary to even casually mention it.  Until another admin went batshit over the implications.  That admin lost, plus the drama it ensued, was pretty big enough to have warranted more attention than was given (see:  none).  Now this security breach...
Are we all now paying for this oversight?

Thank god I changed my password when that drama happened, and took down all my art.


----------



## falderal (Aug 12, 2007)

Janglur said:
			
		

> Dr. Wil, if the DB has been compromised (and it sure fucking looks that way) then they can see your NEW password right now, too.
> 
> You're supposed to change it AFTER they regain control...



No. If worse comes to worse, they can just deny all connections to Furaffinity's servers and get to it from the physical location of the servers. Don't worry, the data is quite safe, very easy to disable network connections or hit the power buttons while they sort out through the extent of the compromise.


----------



## devillo (Aug 12, 2007)

The forums are lagging probably because EVERYONE is on them going mental over this. Which is fair enough. This whole security thing happening AT FA:U (which is what the post suggests to me) means someone left a computer unattended or left the password on it, and someone therefore just dropped the ball. Ah well, Hopefully tomorrow some 12 year old's power gets blown and he has to do without the internet for half an hour. He just might explode.


----------



## Jade-Starrz (Aug 12, 2007)

Sslaxx said:
			
		

> This looks like this could mean FA is down for a while, then... things are fitting together in a bad way indeed, Jangular! It looks like you're quite right that the security leak was more than the FA admin let on.





How do you figure? Just curious... I am new to the site so I am still trying to figure things out.


----------



## Dragoneer (Aug 12, 2007)

Janglur said:
			
		

> Considering the DB leaked not once, but twice, unencrypted..  yyyeeaaahhh.  Wouldn't surprise me if it wasn't encrypted now, either.  And a metric buttload of people couldn't log in.  Ten minutes later, errors came up, then moments later the site's down.  I doubt a ten minute timespan was JUST a case of server shutdown.  Seems a bit too long


An administrator account was exploited, but the database is fine. You can not access the full database from an admin account -- you have to do it through a root account, and the root is fine. The DB is fine.


----------



## Sslaxx (Aug 12, 2007)

And why, exactly, should we believe you Preyfar? Janglur points out that the things you dismissed as unimportant tended to backfire on you. One lesson should be, if you're humble enough to learn it, is that _everything is important_.


----------



## Liode (Aug 12, 2007)

*growls darkly* Hackers?! Lead me to them! Anyone with the audacity to hack into a community like this shall merit themselves a serious scar or two...

But...as long as the security issue is fixed...and soon...

Hmm...maybe now they'll take us seriously...?


----------



## codewolf (Aug 12, 2007)

Janglur said:
			
		

> Are we all now paying for this oversight?



last time i checked...you hadn't paid a single penny (cent/whatever) towards fa....


----------



## falderal (Aug 12, 2007)

Janglur said:
			
		

> Sslaxx said:
> 
> 
> 
> ...



If a computer is being subjected to more than a usual amount of traffic or stress, then it can most certainly take longer to shutdown. It's very easy to disable connections with right click, and click stop.
Even if not, when any server is taken down, say the server for the site's Database: SQL, which they do run, there is no data coming in from that server and computers tend to not like when they were receiving data and suddenly it stopped. 
There would be a lot more problems if a high security account was broken into, we may not even see anything at all, the domain may even come up saying it's for sale. I would think that they were more concerned about the security breach than about putting up a webpage saying that furaffinity is down.
In all, that it took the time it took, is admirable. It takes some of the administrators longer than that to respond to big problems where I work. The damage is more than likely serious but not critical.


----------



## Dragoneer (Aug 12, 2007)

Sslaxx said:
			
		

> And why, exactly, should we believe you Preyfar? Janglur points out that the things you dismissed as unimportant tended to backfire on you. One lesson should be, if you're humble enough to learn it, is that _everything is important_.


My account was the one that was jacked and admin accounts can not access the DB -- you can only do that through root, and root is fine. My root password is much more secure and is fine.

My admin account got hijacked due to a vulnerability with wireless systems, we were aware of it, but due to certain issues not able to fix it when we wanted to. The damage is small, and affects only those people who accessed FA over wireless while attending FAU. Due to the hotel's anonymous, free wireless, there is no way to track the data and there -- and this is a problem of any free public wireless system.

We've locked the site, secured what we can and are currently looking into seeing what damage has been done. Thankfully, Crypto and I were able to stop the problem roughly 10 minutes after it started, so I think the damage is minimal at best. We know WHO did it, too.


----------



## STrRedWolf (Aug 12, 2007)

Preyfar said:
			
		

> The issue in question did not have to do with password strength -- it had to do with a vulnerability using public wireless networks.



Someone forgot to shut down Telnet and use SSH instead... lovely.


----------



## crabby_the_frog (Aug 12, 2007)

Preyfar said:
			
		

> Snip.
> 
> We know WHO did it, too.



Well, that's great news, indeed. Hopefully you'll be able to learn how said person did whatever to get your password, and as such, develop a new defence against it?

I dunno... but it's good to hear that things are under control. Possible hackings aside, how was the convention?


----------



## Jade-Starrz (Aug 12, 2007)

crabby_the_frog said:
			
		

> Preyfar said:
> 
> 
> 
> ...



Fabulous news!


----------



## falderal (Aug 12, 2007)

Preyfar said:
			
		

> Sslaxx said:
> 
> 
> 
> ...



Ah, perfect sense. This is why I'm even concerned about setting up a wireless network at home, even with encryption. Well, and the government can't do anything about open access, any open connection is not illegal to get onto, you're not hacking into anything.


----------



## Uzza (Aug 12, 2007)

I found this just a little while ago on the lulz IRC.

http://userscripts.org/scripts/show/11207

As someone said on #FurAffinity, the hacker could have embedded it somewhere which caused the huge thumbnails.


----------



## Jade-Starrz (Aug 12, 2007)

cardia said:
			
		

> Preyfar said:
> 
> 
> 
> ...



Bullshit. You can be hacking anything. If it isn't yours and you get into a Data Stream, even to view it or copy something that isn't yours, it's hacking. Wireless can be better protected with encryption and if people get in anyway that is hacking too. There is a reason so many rules about the net are fuzzy...


----------



## Dragoneer (Aug 12, 2007)

STrRedWolf said:
			
		

> Someone forgot to shut down Telnet and use SSH instead... lovely.


That is not what happened. We do, however, know exactly WHAT happened... and we have fixed it, and are working on adding additional securities right now.


----------



## Lt_Havoc (Aug 12, 2007)

Well, are the Passwords safe or not? That's the main question. I don't want my security compromised just for some asshole who thinks he can hack accounts and sites. Also, pray to god you use MD5 encryption, if not, I come around and kick your ass personally.


----------



## uncia (Aug 12, 2007)

Preyfar said:
			
		

> My admin account got hijacked due to a vulnerability with wireless systems, we were aware of it, but due to certain issues not able to fix it when we wanted to. The damage is small, and affects only those people who accessed FA over wireless while attending FAU. Due to the hotel's anonymous, free wireless, there is no way to track the data and there -- and this is a problem of any free public wireless system.
> 
> We've locked the site, secured what we can and are currently looking into seeing what damage has been done. Thankfully, Crypto and I were able to stop the problem roughly 10 minutes after it started, so I think the damage is minimal at best. We know WHO did it, too.



*nods*. Known vulnerability; discussed a couple of times last year. Thought one suggestion (in the interim) was to have ghost admin accounts for use at cons where that was going to be an issue.

Anyhow...
'grats on closing things down so quickly. Go throw the book at 'em and good luck getting everything back on-line securely asap. 
(Hoping the 'con has been fun, aside from that... Has to beat a weekend working here at least, oh, 100 fold... ^^).

Cheers,
David.


----------



## Madathlon (Aug 12, 2007)

Well no matter what.. the big question is why bother.. It's not like breaking into the FBI or Bank of Boston system.. what real gain is there from hacking FA??


----------



## Janglur (Aug 12, 2007)

...
If this vulnerability has been known about for so long..


WHY WAS IT NOT FIXED!?

*Flails and froths, as he has reached the point where his stomach has welled into his mouth and it has begun spitting bile onto his brain*


----------



## creaturecorp (Aug 12, 2007)

Madathlon said:
			
		

> Well no matter what.. the big question is why bother.. It's not like breaking into the FBI or Bank of Boston system.. what real gain is there from hacking FA??



Because it creates furry drama! (which is funnier than any other drama)


----------



## uncia (Aug 12, 2007)

Madathlon said:
			
		

> Well no matter what.. the big question is why bother..



"Because it's there..."

Besides; there's less of a belief that hacking FA will lead to several years inside whereas that's a more realistic outcome doing so with a major-league bank and getting caught. Presuming they don't take you on to their security team, that is.


----------



## Madathlon (Aug 12, 2007)

It's sad, of all things it's childish..


----------



## STrRedWolf (Aug 12, 2007)

Bah don't want drama want art!


----------



## BlackWind_Zero (Aug 12, 2007)

Madathlon said:
			
		

> Well no matter what.. the big question is why bother.. It's not like breaking into the FBI or Bank of Boston system.. what real gain is there from hacking FA??



what is the gain of hacking FA? well it may sound insignificant but Identity theft can occur from such a thing by gathering your personal info from profile and following up from there if someone wants to be annoying (that's for instance)


----------



## Litre (Aug 12, 2007)

hay guys when is da search coming back?!!?!


----------



## falderal (Aug 12, 2007)

Jade-Starrz said:
			
		

> cardia said:
> 
> 
> 
> ...



I agree, if it isn't yours, ask and don't assume. I was just saying that it's not really against the law to access an open connection, without asking: http://news.com.com/FAQ+Wi-Fi+mooching+and+the+law/2100-7351_3-5778822.html

Now, what they did is against the law as they went further to break in. I'm just saying, that getting onto an unprotected access point to surf the internet, and similar acts that don't result in illegal activity is not so illegal.


----------



## uncia (Aug 12, 2007)

Janglur said:
			
		

> If this vulnerability has been known about for so long..
> 
> 
> WHY WAS IT NOT FIXED!?



Where and how would you hide a client-side encryption key?



			
Janglur said:
			
		

> *Flails and froths, as he has reached the point where his stomach has welled into his mouth and it has begun spitting bile onto his brain*



Erm, *steps back and calls in the cleaners*

Safe to say the likelihood of this happening twice ain't that large and generally doesn't apply outwith con- type scenarios (unless the "hackers" are /really/ slinky).

d.


----------



## Nohbdy (Aug 12, 2007)

F it. Nevermind.


----------



## Swatcher (Aug 12, 2007)

Pretty pathetic for a hack, if the intent was to cause drama.


----------



## Poink (Aug 12, 2007)

Two hacks in less than one month !
WHAT THE INTERNET POLICE IS DOING ;;


----------



## falderal (Aug 12, 2007)

Poink said:
			
		

> Two hacks in less than one month !
> WHAT THE INTERNET POLICE IS DOING ;;



I thought that was earlier on this year, back in february?


----------



## STrRedWolf (Aug 12, 2007)

uncia said:
			
		

> Erm, *steps back and calls in the cleaners*
> 
> Safe to say the likelihood of this happening twice ain't that large and generally doesn't apply outwith con- type scenarios (unless the "hackers" are /really/ slinky).
> 
> d.



That's why they hold DefCon where you better be secure 100% of the time.


----------



## kitsunefoxfire (Aug 12, 2007)

What's the point in hacking? There's nothing to gain from it, so you did, big deal, you can't brag or you will get caught. And you may think it's amusing, so what, like anybody cares.
Childish pranks from somebody that needs to grow up.


----------



## Poink (Aug 12, 2007)

cardia said:
			
		

> Poink said:
> 
> 
> 
> ...



I DUNNO, LOL
Maybe.
Sorry, I don't even know what day we are today.
pisssh, holidays !


----------



## Starburst (Aug 12, 2007)

cardia said:
			
		

> Poink said:
> 
> 
> 
> ...



Uhm...no...

It was rerouted by Alkora in late July.


----------



## uncia (Aug 12, 2007)

cardia said:
			
		

> Poink said:
> 
> 
> 
> ...



*nods*. The other recent incidents were not hacks and I thought the previous account hijack was a bit before then, but would have to check (no fun given current lag).

Regardless; makes sense to spend some time making sure everything's AOK to bring back up smoothly rather than just putting FA back on line with "fingers crossed". A lil' bit of patience relative to all the nightmare server issues we had last half 2006/early 2007, thanks. *claws crossed on that*


----------



## Janglur (Aug 12, 2007)

Hey, keep the server down all week for security, bug, maintenance, and harassment and cleanup.
Have it come up better than ever, and save a fortune on bandwidth.


----------



## Dr.Wilopolis (Aug 12, 2007)

Janglur said:
			
		

> Dr. Wil, if the DB has been compromised (and it sure fucking looks that way) then they can see your NEW password right now, too.
> 
> You're supposed to change it AFTER they regain control...





			
kawayama said:
			
		

> it's probably a better idea to wait to change your password until AFTER this is fixed. right now all you're doing is supplying the hackers with your new password.
> if you use the same password on other sites, you should probably change it. now.



Dear sirs/madams: 

I knew that. I just prefer doing confusing acts. It makes things a tad difficult for them.  I figured, why the hell not? I was already planning on altering it AFTER the database is secure again. Besides, it's part of what makes me, well 'me'.


----------



## SDWolf (Aug 12, 2007)

Ah, okay.  Let's file this under "Why Not to Use Unencrypted Wireless Connections for Admin Purposes."  That's basically broadcasting your password for all to see.  Oops.

Also, maybe some flavor of HTTPS (SSL3/TLS) login might also be a good thing to add sometime...


----------



## Janglur (Aug 12, 2007)

SaveFace.exe status
Process:  Failed


----------



## Fox Glove (Aug 12, 2007)

Fuck. I want to post my art.
...All I can say is fuck.
We better get a full story about this.


----------



## fastturtle (Aug 12, 2007)

Janglur said:
			
		

> Hey, keep the server down all week for security, bug, maintenance, and harassment and cleanup.
> Have it come up better than ever, and save a fortune on bandwidth.



I'll second this suggestion as it makes sense. Not only do you need to clean things up but it gives a damn good excuse to implement some of the changes that have been waiting.


----------



## Vitae (Aug 12, 2007)

lolz...
seriously im laughing


----------



## ClearlyVegex (Aug 12, 2007)

Yeah, this is me and I'll probably regret be making another alt account, but I just want to know what in the hell is going on

Who hacked who? Is FA dead forever?


----------



## Tom Cloudkicker (Aug 12, 2007)

I'm worried because apparently while this was happening, I was trying to upload some stuff to my FA page.


----------



## Poink (Aug 12, 2007)

ClearlyVegex said:
			
		

> Yeah, this is me and I'll probably regret be making another alt account, but I just want to know what in the hell is going on
> 
> Who hacked who? Is FA dead forever?



OMIGAWDYOU

Oh and FA will prolly come back
PROLLY
I NEED MY PORN


----------



## codewolf (Aug 12, 2007)

Vegex said:
			
		

> Yeah, this is me and I'll probably regret be making another alt account, but I just want to know what in the hell is going on



meh i think they'll let you off this once...they should do as you're currently only asking for info as to wtf is going on


----------



## uncia (Aug 12, 2007)

Vitae said:
			
		

> lolz...
> seriously im laughing



Eh... not _that_ funny, but gotta admit whoever did have patience to wait to hook Preyfar's account rather than anyone else's.



			
RoseTheSexKitten said:
			
		

> Fuck. I want to post my art.
> ...All I can say is fuck.
> We better get a full story about this.



Already posted on the previous pages + Preyfar's announcement.

Admin account compromised on an insecure wireless network. Temporary hijack and FA brought down to ensure everything's AOK before being switched back on again.
As noted by Preyfar and myself, it was a known issue but no precautions were taken to use "invisible" admin accounts from such settings and thus we've taken a one-off hit on this.
It could've been much worse, but hopefully lesson learned IRL rather than just "in theory" as it was before.

d.


----------



## TheGru (Aug 12, 2007)

ClearlyVegex said:
			
		

> Yeah, this is me and I'll probably regret be making another alt account, but I just want to know what in the hell is going on
> 
> Who hacked who? Is FA dead forever?



Yea it appears that someone hacked Preyfar's account at FA:U and had a field day on FA, the administration is working this out, hopefully with minimal trouble.

No FA is not dead forever.


----------



## SDWolf (Aug 12, 2007)

ClearlyVegex said:
			
		

> Yeah, this is me and I'll probably regret be making another alt account, but I just want to know what in the hell is going on
> 
> Who hacked who? Is FA dead forever?



Apparently _someone_ (they aren't saying exactly who, probably for legal reasons) hijacked Preyfar's/Dragoneer's admin account by exploiting an "issue" in public wireless networks (i.e.: they're NOT secure), then proceeded to make some.. adjustments to the layout of the site, as well as some (questionably) humorous admin notices.

The site is now down while they assess the damage and make repairs.  No, it most likely isn't "dead forever."  FA will be back up When It's Ready(tm), which Should(tm) be Soon(tm).


----------



## Stratelier (Aug 12, 2007)

RoseTheSexKitten said:
			
		

> Fuck. I want to post my art.
> ...All I can say is fuck.


Agreed (albeit with proper language).  I just registered today, so you can imagine how much stuff _I'M_ waiting to post!  (And what's FA:U ?)

I don't know if this helps, but I know of some sites (like BugZilla) with an option that restricts a user's login session to whatever IP they logged in as . . . if the problem is as Preyfar says, such an option could perhaps have stopped the hijacking.

...Or, on the other hand, delayed it until later.


----------
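An added example, not part of any post in this thread and not FurAffinity's or Bugzilla's code: a server-side session bound to the client address, as suggested in the post above, showing the request it rejects and the one it cannot tell apart (another device behind the same shared NAT address, as on a hotel network), plus cookie attributes that keep the token off plain HTTP. Class and function names, addresses (documentation ranges) and the timeout are assumptions constructed for illustration.

```python
import secrets
import time
from http.cookies import SimpleCookie
from typing import Dict, Optional

# Constructed addresses from the RFC 5737 documentation ranges.
HOTEL_NAT = "203.0.113.10"    # public address shared by every guest on the hotel network
OTHER_ADDR = "198.51.100.7"   # any address outside that network


class SessionStore:
    """Server-side sessions keyed by a random id and pinned to the login address."""

    def __init__(self, idle_timeout: float = 900.0):
        self.idle_timeout = idle_timeout
        self._sessions: Dict[str, dict] = {}

    def issue(self, user: str, client_ip: str, now: Optional[float] = None) -> str:
        sid = secrets.token_urlsafe(32)
        seen = time.time() if now is None else now
        self._sessions[sid] = {"user": user, "ip": client_ip, "seen": seen}
        return sid

    def validate(self, sid: str, client_ip: str,
                 now: Optional[float] = None) -> Optional[str]:
        now = time.time() if now is None else now
        session = self._sessions.get(sid)
        if session is None:
            return None
        if now - session["seen"] > self.idle_timeout:
            del self._sessions[sid]          # expired: drop it for good
            return None
        if session["ip"] != client_ip:
            return None                      # right token, wrong address: reject
        session["seen"] = now
        return session["user"]


def session_cookie(sid: str) -> str:
    """Set-Cookie value that is never sent over plain HTTP or exposed to scripts."""
    cookie = SimpleCookie()
    cookie["sid"] = sid
    cookie["sid"]["secure"] = True       # browser only returns it over HTTPS
    cookie["sid"]["httponly"] = True     # not readable from page scripts
    cookie["sid"]["samesite"] = "Strict"
    cookie["sid"]["path"] = "/"
    return cookie["sid"].OutputString()


def replay_outcomes() -> Dict[str, bool]:
    """Which requests carrying the same session id the address check accepts."""
    store = SessionStore()
    sid = store.issue("admin", HOTEL_NAT, now=0.0)
    return {
        "original client": store.validate(sid, HOTEL_NAT, now=60.0) is not None,
        "same id from another address": store.validate(sid, OTHER_ADDR, now=120.0) is not None,
        "same id from behind the same NAT": store.validate(sid, HOTEL_NAT, now=180.0) is not None,
    }


if __name__ == "__main__":
    for case, accepted in replay_outcomes().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
    print(session_cookie("example-session-id"))
```

The address check is a second line of defence only; the `Secure` attribute together with an HTTPS login is what keeps the session id from crossing an open wireless network in clear text.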



## uncia (Aug 12, 2007)

Stratelier said:
			
		

> Agreed (albeit with proper language).  I just registered today, so you can imagine how much stuff _I'M_ waiting to post!



Cool!  Welcome on board, Stratelier, and apologies for the bad timing...

FA might be sluggish if it comes back online at/near peak time, so please be a bit patient if so.



			
Stratelier said:
			
		

> (And what's FA:U ?)


http://faunited.org/

Sorry; time machine required now... (But looking forward to reading 'bout how that all went).

Best wishes,
David.


----------



## sgolem (Aug 12, 2007)

FA:U is FurAffinity United.  'Tis a convention.

I apologize if this has been answered, but is there any way of knowing how long things are gonna be down, or is it wait and see at this point?  I can wait, but it would be nice to know.


----------



## darkdoomer (Aug 12, 2007)

Stratelier said:
			
		

> RoseTheSexKitten said:
> 
> 
> 
> ...


FA:United is just a convention they organized recently. otherwise i highly doubt bugzilla could help in any way in this situation, lol.


----------



## Stratelier (Aug 12, 2007)

> Cool! Welcome on board, Stratelier, and apologies for the bad timing...


Bad timing indeed.  (You can just call me "Strata" for short, because I go by the name 'Stratadrake' virtually everywhere else, but I wasn't sure about the registration process here, so I guess I'm stuck with this nick on the forum side, not sure if I should register my proper username because multiple accounts are generally bad karma)


----------



## balt-lightning (Aug 12, 2007)

Now let's all calm down and hope for the best <3
Hackers are so lame :[


----------



## Janglur (Aug 12, 2007)

Isn't Lame typically defined as attempting to perform some impressive feat, but utterly failing to impress anyone?


'Cuz this is pretty impressive.  Just... not in any good kind of way.
And impressive, in a bad way, for more than the hacker.


----------



## ADF (Aug 12, 2007)

Woot! Woot! Woot!

Seriously now, FA was already somebody  Well I hope everything goes ok.


----------



## uncia (Aug 12, 2007)

sgolem said:
			
		

> I apologize if this has been answered, but is there any way of knowing how long things are gonna be down, or is it wait and see at this point?  I can wait, but it would be nice to know.



In the past I'd've said that depends on timezone. Over here at 2.55am that's an easier call to make.

Failing any definitive reply from those in the know, it's usually better not to be hanging around hitting <ctrl>+<f5> every 30 seconds, anyhow. And you'd be surprised how many people do /that/. (A good sign in a way, I guess... :?).

If we _are_ out for the rest of the evening, that's going to be one of a very few times since March and will have been for a good reason to ensure no other "issues".


----------



## uncia (Aug 12, 2007)

ADF said:
			
		

> Woot! Woot! Woot!


Cute! Can empathise with that ^^



			
				ADF said:
			
		

> Seriously now, FA was already somebody  Well I hope everything goes ok.


Ah... but the FA community _was already_ "somebody" a long time ago, and is even more so now, thanks to y'all. 

d.


----------



## ferinoch (Aug 12, 2007)

Seems unfortunate, but it sounds like there's a good chance it was dealt with in time to prevent something nasty.  Sorry to see somebody decided to be an ass again, but it seems like our community is sometimes the biggest fish in the barrel, so to speak. 

Good luck with all this dragoneer, and if you really know who did this, I hope you can find some way to punish or refer them for prosecution, they really deserve it. 

As for the password DB and data, sure, they should encrypt it. But I wonder, shouldn't y'all be practicing good password hygiene anyways? I mean, s'far as I know, y'shouldn't be using any password more than once, right? Neither should you post real sensitive stuff on a site you might not trust, nor one where y'don't trust security. But that's just a thought, and I'll freely admit I could be wrong.


----------



## brokenfox (Aug 12, 2007)

This is a rhetorical question since I already know the answer but.... *CRIES* Why won't people leave our poor community alone?! D:

P.S. If the hack was really done for the lol's then yes I know this only feeds those losers...but whatever.


----------



## uncia (Aug 12, 2007)

ferinoch said:
			
		

> As for the password DB and data sure they should encrypt it. But I wonder, shouldn't y'all be practicing good password hygiene anyways?



*nods*. Always use strong passwords where y'can. (PIN numbers for credit cards don't count as important, I guess)

As to the FA password DB; yes that is most definitely encrypted nowadays and has been for a *long* time.


----------



## JerJer (Aug 12, 2007)

I knew I shoulda checked it before it was too late D:


----------



## Voltemand (Aug 12, 2007)

lol... I come back from the con to see this mess. It truly couldn't have been a more timely hack.


----------



## cesarin (Aug 13, 2007)

it smells of arcturus again rofl...
didn't he go to FA:united ? XD


----------



## Janglur (Aug 13, 2007)

AKA Jheryn AKA Alkora AKA..

How many aliases does this guy have again?  Almost as bad as Preyfar/Dragoneer


----------



## The_Realist (Aug 13, 2007)

Allan said:
			
		

> I hear from a reliable source that someone got banned as a result of this drama.



Probably that guy Jheryn Lightfoot/Alkora Husky that got fired long ago, who still has some sort of account I think.  I'm pulling this info from here:

http://encyclopediadramatica.com/FurAffinity


----------



## Arcturus (Aug 13, 2007)

cesarin said:
			
		

> it smells of arcturus again rofl...
> didn't he go to FA:united ? XD



It wasn't me.


----------



## The_Realist (Aug 13, 2007)

ferinoch said:
			
		

> I hope you can find some way to punish or refer them for prosecution, they really deserve it.



Good point.  Hacking, of ANY kind, is illegal activity and most definitely should be reported to the authorities.


----------



## The_Realist (Aug 13, 2007)

encyclopedia dramatica said:
			
		

> Alkora Husky destroys FA
> 
> "The NEW Fur Affinity front page
> ...


----------



## The_Realist (Aug 13, 2007)

To whatever bastard might be hacking my shit, I don't know how you're doing it because I'm not running VNC right now.  I don't see how you can edit while I'm typing without remote-desktopping my stuff!  STOP IT!!!


----------



## LT_Max_W_Charger (Aug 13, 2007)

this would be the .. true first time i saw this place hacked.. i was eatn ..no i wasn't i was just sittn here being a dumbass... and i reload the page and woah... this is total bullshit.. 'course this isn't my furst run in on hacks.. as it will be stated in my page which i was able to get up before the site went down. but i knew my day was gonna get fucked.. i just felt it. lol. but yeah i think they should find the person and nail them for it... i know i would.. *nods* i hope this place is back and running soon... 'course i know i won't have ANY comments waitn for me cus not many comment my stuff... i feel alone LOL... but yeah... hope it's all worked out and yo Real... look me up some time.. would like to talk to ya man.. *darts off to take care of his fucked up left eye*. *can be heard down the hall* GOD DAMN MOTHER FUCKING SON OF A MOTHER FUCKN BITCH GOD DAMN STUPID EYE!!! STUPID FUCKN BUSTED BLOOD VESSELS!!!! :x:shock:


----------



## falderal (Aug 13, 2007)

Stratelier said:
			
		

> RoseTheSexKitten said:
> 
> 
> 
> ...



Ah, did you post an introduction? Anyways in case not, Welcome to FA. May your stay here be a good one, despite this unfortunate situation.


----------



## Infinity (Aug 13, 2007)

Chances are this thread is going to be closely monitored by potential ED drama enthusiasts and probably the notorious /b/. So it would probably be wise to restrain yourself from saying something that could be considered "lulzy".


----------



## The_Realist (Aug 13, 2007)

LT_Max_W_Charger said:
			
		

> this would be the .. true first time i saw this place hacked.. i was eatn ..no i wasn't i was just sittn here being a dumbass... and i reload the page and woah... this is total bullshit.. 'course this isn't my furst run in on hacks.. as it will be stated in my page which i was able to get up before the site went down. but i knew my day was gonna get fucked.. i just felt it. lol. but yeah i think they should find the person and nail them for it... i know i would.. *nods* i hope this place is back and running soon... 'course i know i won't have ANY comments waitn for me cus not many comment my stuff... i feel alone LOL... but yeah... hope it's all worked out and yo Real... look me up some time.. would like to talk to ya man.. *darts off to take care of his fucked up left eye*. *can be heard down the hall* GOD DAMN MOTHER FUCKING SON OF A MOTHER FUCKN BITCH GOD DAMN STUPID EYE!!! STUPID FUCKN BUSTED BLOOD VESSELS!!!! :x:shock:



dude.  Look at the post I just made a few seconds ago.  The bastard hacked it as I was typing! :*(


----------



## LT_Max_W_Charger (Aug 13, 2007)

Infinity said:
			
		

> Chances are this thread is going to be closely monitored by potential ED drama enthusiasts and probably the notorious /b/. So it would probably be wise to restrain yourself from saying something that could be considered "lulzy".



DEA ='s Drama Enthusiasts Asocheashion { Pardon my spelln i am brain dead right now. ]:?


----------



## LT_Max_W_Charger (Aug 13, 2007)

The_Realist said:
			
		

> dude.  Look at the post I just made a few seconds ago.  The bastard hacked it as I was typing! :*(


yes so i saw... quite a pansy pussy attempt to be funny on his part yes... dunno why i should say this but this little epidemic reminds me of that PM virus shit that's been going around Myspace... i think this fucker's remote hackn.. and if hacking and being a conniving sneaky little ball-less bastard. just to get what he wants then he has already lost his winnings in this world.. no one likes a fuckn cheating hacking bastard when they do it just to make others' lives a fuckn mess.


----------



## Infinity (Aug 13, 2007)

The_Realist said:
			
		

> LT_Max_W_Charger said:
> 
> 
> 
> ...


Chances are he's trying to get a reaction out of you; just try to ignore it, or if he's remote accessing you, unplug your Internet.


----------



## falderal (Aug 13, 2007)

Starburst said:
			
		

> cardia said:
> 
> 
> 
> ...



Ah. I must've missed it in the site status posts, then, or they didn't put it there?


----------



## Shakeidas (Aug 13, 2007)

It occurs to me that hacking for "the lulz" like this may just be the single most sophisticated way of proving oneself to be a moron.


----------



## creaturecorp (Aug 13, 2007)

Shakeidas said:
			
		

> It occurs to me that hacking for "the lulz" like this may just be the single most sophisticated way of proving oneself to be a moron.


Exactly. This thread is full of lulz. Ohnoez no pron!


----------



## falderal (Aug 13, 2007)

Infinity said:
			
		

> Chances are this thread is going to be closely monitored by potential ED drama enthusiasts and probably the notorious /b/. So it would probably be wise to restrain yourself from saying something that could be considered "lulzy".



I would put in a request to monitor this thread or shut down the thread to the administrators if it does.


----------



## Infinity (Aug 13, 2007)

(In response to post 121.)

However, people do it.


----------



## Swatcher (Aug 13, 2007)

Yep. All they're going to get out of this is a bunch of furs who are legitimately annoyed by having their passwords arguably stolen! I don't get how that's really funny. Considering the volume of FA's userbase, not a lot of us are growling and stomping either! Grrrr! Hee hee, is this drama? I dunno!


----------



## karmapolice (Aug 13, 2007)

anonymous gets a boner for anything to do with pissing furfags off, really. Because most of them make a really big deal out of things and get super dramatic, as is demonstrated in this forum.
this instance may or may not be anonymous, though, to be honest it's not really screaming anonymous to me


----------



## furryskibum (Aug 13, 2007)

*sighs*  I didn't want to come back after a whole weekend of tiling to this, but ah well!

Thanks for the informations, Dragoneer and David.  ^__^


----------



## JerJer (Aug 13, 2007)

so someone has moved on to hacking posts?

(had to ask, I'm a little lost on the whole post thing now)


----------



## Shakeidas (Aug 13, 2007)

wolfclaw said:
			
		

> so someone has moved on to hacking posts?
> 
> (had to ask, I'm a little lost on the whole post thing now)



http://www.furaffinityforums.net/showthread.php?tid=11514


----------



## WeretigerRei (Aug 13, 2007)

Preyfar said:
			
		

> We know WHO did it, too.


Do tell.


----------



## The_Realist (Aug 13, 2007)

I can still access FA from http://216.169.105.250/


----------



## JerJer (Aug 13, 2007)

Shakeidas said:
			
		

> wolfclaw said:
> 
> 
> 
> ...



so no hackers in post?


----------



## JerJer (Aug 13, 2007)

The_Realist said:
			
		

> I can still access FA from http://216.169.105.250/




I can access, but is it safe to sign in?


----------



## Shakeidas (Aug 13, 2007)

wolfclaw said:
			
		

> The_Realist said:
> 
> 
> 
> ...



Not terribly likely.


----------



## The_Realist (Aug 13, 2007)

wolfclaw said:
			
		

> Shakeidas said:
> 
> 
> 
> ...



Sorry, that was a combo of me being jumpy and my crappy computer doing weird shit.


----------



## The_Realist (Aug 13, 2007)

Shakeidas said:
			
		

> wolfclaw said:
> 
> 
> 
> ...



I logged in no problem, but all of my adult images were gone.


----------



## Shakeidas (Aug 13, 2007)

The_Realist said:
			
		

> Shakeidas said:
> 
> 
> 
> ...



Yeah, remember to change your password after the admins have everything back to normal.


----------



## JerJer (Aug 13, 2007)

The_Realist said:
			
		

> Shakeidas said:
> 
> 
> 
> ...



check your mature content?


----------



## Vgm22 (Aug 13, 2007)

I can get onto FA. Though the front page when it loads there are images that are blown up way huge. There's an image of a piece of S**t, some dude in glasses drinking something and a bunch of other things. It's funny as hell, IMO.


----------



## OkiWolf (Aug 13, 2007)

Charrio said:
			
		

> crimsonwolf90 said:
> 
> 
> 
> ...



Keysersoze? That's a cheat code in Warcraft III :/


----------



## falderal (Aug 13, 2007)

The_Realist said:
			
		

> I can still access FA from http://216.169.105.250/



It is back up at http://www.furaffinity.net now, btw as well.


----------



## Wyrwulf (Aug 13, 2007)

Ahh, Murphy's Law in action. If you tempt Fate by using a system known to be insecure, sooner or later you're going to get burned.

Remember kids, if you're a target (and anything associated with FA will always be), start acting like it.


----------



## LT_Max_W_Charger (Aug 13, 2007)

cardia said:
			
		

> The_Realist said:
> 
> 
> 
> ...


if it was i would be able to get on ya know.. it's still down from what i understand. i keep getting the offline page. -shrugs-


----------



## Sslaxx (Aug 13, 2007)

You need to refresh the page. CTRL+F5 and/or SHIFT+F5 should do the job.


----------



## SageHendrix (Aug 13, 2007)

Swatcher said:
			
		

> Yep. All they're going to get out of this is a bunch of furs who are legitimately annoyed by having their passwords arguably stolen! I don't get how that's really funny. Considering the volume of FA's userbase, not a lot of us are growling and stomping either! Grrrr! Hee hee, is this drama? I dunno!



I have to agree here.  I just changed my password yet again just a week before this latest hack job in the efforts of doing some more security on my end.  However it is all in vain now I suppose. *thinks of a new password again*

So, is there any explanation from Preyfar?  I have only got one source regarding what happened and since it is on LJ, I take the words more or less with a grain of salt.  Besides, I would not want to believe that an admin was stupid enough to log in to his admin account under an unsecured wireless network and without taking precautions about it to ensure that nothing was leaked through packet sniffs.

Are we going to get more of an explanation than 'well, it's back up' or what?  Normally I am not the type to nag or complain (hey, shit happens, right?) but this is not the first time this has happened to FA and seemingly out of stupidity.


----------



## Arshes Nei (Aug 13, 2007)

FA blew up on my Birthday! That fucking rocks! (Would have liked to have seen better pyrotechnics though)

Well I guess it's also embarrassing when you're running a con promoting your own site...watching it get hacked...


----------



## crabby_the_frog (Aug 13, 2007)

Happy Birthday Arshes!!!!!


----------



## Damaratus (Aug 13, 2007)

Arshes Nei said:
			
		

> FA blew up on my Birthday! That fucking rocks! (Would have liked to have seen better pyrotechnics though)
> 
> Well I guess it's also embarrassing when you're running a con promoting your own site...watching it get hacked...



There are aspects of this that will probably involve some well cooked crow, but, and this is a big but (I hear Sir Mix-a-lot likes them); the convention itself was an amazing success.

The numbers were very strong for a first time convention, and the help given by the staff, even when things went awry on the site was quite useful.  Those folks are some of the most amazing and helpful people that were around.

So it's best not to let what happened on the site skew how successful the convention was.

Edit: Oh and Happy Birthday Arshes.


----------



## yak (Aug 13, 2007)

Damaratus said:
			
		

> There are aspects of this that will probably involve some well cooked crow, but, and this is a big but (I hear Sir Mix-a-lot likes them); the convention itself was an amazing success.
> 
> The numbers were very strong for a first time convention, and the help given by the staff, even when things went awry on the site was quite useful.  Those folks are some of the most amazing and helpful people that were around.
> 
> ...



I'm glad it went well, i was holding my hope for it.


----------



## KagomJack (Aug 13, 2007)

cardia said:
			
		

> The_Realist said:
> 
> 
> 
> ...


Doesn't work as furaffinity.net for me.


----------



## falderal (Aug 13, 2007)

KagomJack said:
			
		

> cardia said:
> 
> 
> 
> ...



Could you try furaffinity.info?
Also, a clearing of the browser's cache might work, as the "furaffinity is down" page may still be stored in there.


----------



## yak (Aug 13, 2007)

_Don't_ use any domain name other than .net, please.


----------



## falderal (Aug 13, 2007)

yak said:
			
		

> _Don't_ use any domain name other than .net, please.



Ah okay, just cross confirming, troubleshooting axiom "trade suspected bad for suspected good".


----------



## Janglur (Aug 13, 2007)

Why not, Yak?  Are they still compromised or something?


----------



## wicked sairah (Aug 13, 2007)

*raises eyebrow*

Sooo.....  Should I be worried about my password and any other sensitive info I have on here, or is all well now?


----------



## Janglur (Aug 13, 2007)

Sairah:

Staff say it's safe.

Userbase isn't sure.


----------



## wicked sairah (Aug 13, 2007)

Janglur said:
			
		

> Sairah:
> 
> Staff say it's safe.
> 
> Userbase isn't sure.



huh.. well, this worries me. :/


----------



## Janglur (Aug 13, 2007)

...sairah, is your AV a tazzy devil?


----------



## wicked sairah (Aug 13, 2007)

Janglur said:
			
		

> ...sairah, is your AV a tazzy devil?



Sure is! That's Roscoe.


----------



## Janglur (Aug 13, 2007)

*Loves on*

PM me!  I, too, am a marsupial!  Thylacinus Quiteextinctus


----------



## codewolf (Aug 13, 2007)

the passwords as far as i know have been safe, as (i believe it was) preyfar said the root access to the database was not compromised therefore no one had access to passwords


----------



## Ron Overdrive (Aug 13, 2007)

codewolf said:
			
		

> the passwords as far as i know have been safe, as (i believe it was) preyfar said the root access to the database was not compromised therefore no one had access to passwords



Eh call me paranoid, but once FA came back up I changed my password on both FA & the forums just to be safe. Mainly because online I was seeing conflicting stories which could have been just fake chat logs from IRC. Being that I was at FAU and I know the staff (might be staff next year myself) I got to talk to a few staffers about what happened when the con ended and have an idea of what actually happened.


----------



## codewolf (Aug 13, 2007)

Ron Overdrive said:
			
		

> codewolf said:
> 
> 
> 
> ...



don't get me wrong, i'm not saying don't change yer password, cos i have, what i'm saying is that according to preyfar the passwords were not compromised


----------



## Janglur (Aug 13, 2007)

I have a feeling you found it was far worse than they let on.

'Cuz that's been the unanimous result every time in the past.


----------



## Ron Overdrive (Aug 13, 2007)

Janglur said:
			
		

> I have a feeling you found it was far worse than they let on.
> 
> 'Cuz that's been the unanimous result every time in the past.



Eh I'm not at liberty to say what I believe happened because I don't want to be accused of slander when I don't know without a shadow of a doubt what happened. I came to my own conclusion based on the discussions I had and felt I should change my password to be safe. It just spiked my curiosity and did a little investigating of my own because one of my pet peeves with computers is security.


----------



## TakeWalker (Aug 13, 2007)

Janglur said:
			
		

> Staff say it's safe.
> 
> Userbase is comprised of tinfoil hat-wearing conspiracy nuts.



Fix'd. Take your pick.


----------



## Janglur (Aug 13, 2007)

Now that, TakeWalker, is totally..


True, honestly.


----------

