DarkDude Posted October 15, 2011 Share Posted October 15, 2011 It seems some people are a bit aggravated over their lack of tip.it as of late. You want to know why he's repeating himself? Because what he said covers what you need to know. Period. When he says everything, he means EVERYTHING. The information you're looking for isn't going to be on hand by everyone, so to keep targeting him after he's given quite a sufficient answer is just rude. And the whole "You've said that 3 times now" ordeal. Ok, yeah, he did. But he shouldn't have to. You're forcing him to by constantly targeting him for giving the right answer. Just because it doesn't fit your exact desires for a response and isn't fleshed out to hold your hand doesn't mean that you have to bite his head off. Seriously. I didn't ask for anything from him, i asked for information from someone who knows what is going on, like maybe Peter or Puremage. Transparency has been an issue with this site and many have left due to it.What exactly do you hope to do with this information? How does it possibly benefit you to know exactly which backups were taken? I've repeatedly said we're operating under the assumption that they have access to anything and everything related to this forum going back multiple years. I don't understand why you're so adamant to have specific but ultimately useless information... Multiple Years means absolutely nothing. What is the date is the earliest backup they had access to? How often were backups taken and were these all still stored? The fact that until now it wasn't even stated that backups spanning YEARS was likely to have been taken (which should have been stated right away in the announcement) is ridiculous and needs to be put on the front page of the site ASAP so EVERYONE knows. And if I'd never even asked when would this information have been released, or would it have been kept secret? So does years mean 2004? Late 06? Early 08? September 09? What? There's much more that could be told in top of that but that's just the start. Link to comment Share on other sites More sharing options...
spooferfish Posted October 15, 2011 Share Posted October 15, 2011 So glad we're back! :) Was kind of rough without the forums. I ventured over to another forum to try and fill the hole Tip.It left in my heart and soul. It was terrible. :( Had to have mod/admin approval for posts, 2 days passed and no approval.. Sad really. Glad to be back here, and we didn't lose anything? Link to comment Share on other sites More sharing options...
Psycho_Robot Posted October 15, 2011 Share Posted October 15, 2011 (edited) From 06 to 07 my TIF password was the same as my Q password. Then in 08 I changed it to my X password. In 09, I changed it to my Y password. In 10 I changed things up a bit and changed it to my Z password. Just a few weeks ago, I changed it to my W password. I need to know what date ranges the hackers had access to so I can change ONLY that account's password. I'd really hate to change passwords that I don't really need to, especially for services where my password has apparently been unchanged for several years. Edited October 15, 2011 by Siobhana Edited out the info for you. Don't wish to give people that much info Link to comment Share on other sites More sharing options...
Siobhana Posted October 15, 2011 Author Share Posted October 15, 2011 They have had access to our DB. They have had access to our backups. As for which they've taken there is no sure way of knowing, so assume all. Aka, go back and change all those passwords, and for your own safetys sake, use a different one for each place. Get a little black book or something. Ty Jeppoz for making it. Thx to the Pup for finding it after it got lost :D And thx to Kill_Life and Turtle for the ava. Stoltenberg, 22/7-11: "We will retaliate with more democracy" In remembrance of Oslo/Utøya. May we never forget, nor be pulled down to the level of the beast Link to comment Share on other sites More sharing options...
Mdeoxys Posted October 15, 2011 Share Posted October 15, 2011 It's good to be back! Thanks to all the people who worked hard to get everything back up and running. Proud (retired) Tip.it Times Editor! Tip.it Times Archives TET event forum Link to comment Share on other sites More sharing options...
essiw Posted October 15, 2011 Share Posted October 15, 2011 I don't get why there is such a fuss about this. Darkdude asks a question which seems reasonable to me. Then he gets told by Y_Guy the same thing over and over again (we already know your point, there is no need to say it that many times, two times would already been good to make your point). Then some people are going to argue about the people asking the question that they shouldn't do it and be glad with the answer they have gotten. Sorry but I don't get that... Just let the people reply who know the real answer instead of all mods saying the same thing over and over again, they don't want to know that answer so why are you repeating it? http://sign.tip.it/1/2/79/260/essiw.png Retired item crew I would like to be credited as essiw at the website update & corrections forum. Thanks! Link to comment Share on other sites More sharing options...
MageUK Posted October 15, 2011 Share Posted October 15, 2011 I didn't realize asking to know what exact information that was compromised was a difficult request. I apologize if I created more work. It's impossible to know unless you could hack the hacker's computer. Hence, why it is to be assumed everything and anything on tip.it and it's databases has been compromised. This is actually true. While we know what was on the servers themselves, it's pretty much impossible for us to know exactly what was taken, and so we have to assume everything was taken. This includes:IPB Forum database - probably taken between 6th - 10th OctoberphpBB Forum database - since we don't use this, the date it was taken is irrelevant but it likely covers most of the time phpBB was active (04-05 until we switched to IPB), however it should also be using a more complex hashing method which is more difficult for them to crack (with regards to passwords), but will still contain other information such as e-mails and registration IPs Hopefully that clears up some questions about what was taken, but as far as information goes, that's what we have, they may not have even taken all of that, we just have to assume they have. Why was tip.it hacked? That one mention of tip.it times in the botting newspost? These cheaters are getting ruthless... We were targetted, just like the other fansites recently, because we contain a lot of user information which they can use to try and recover RuneScape accounts, which is why we're trying to push everyone to ensure theirs is secure. Link to comment Share on other sites More sharing options...
JakeTheCat Posted October 15, 2011 Share Posted October 15, 2011 A warning to all... do a mental survey. Any other websites where you used your email address and the same password? Even casual ones? Might want to change those too, before too much time goes by. My trick. I embed a portion of the website's name in my password. That way, they are still easy to remember but still unique for each site. Link to comment Share on other sites More sharing options...
essiw Posted October 15, 2011 Share Posted October 15, 2011 Just a question, why where there still databases with old encrypted passwords and e-mails from years ago? Wouldn't it be more save to only keep the last few years? http://sign.tip.it/1/2/79/260/essiw.png Retired item crew I would like to be credited as essiw at the website update & corrections forum. Thanks! Link to comment Share on other sites More sharing options...
Kaida23 Posted October 15, 2011 Share Posted October 15, 2011 While we know what was on the servers themselves, it's pretty much impossible for us to know exactly what was taken, and so we have to assume everything was taken. So then pretty much everything obfuscator has been saying was right to begin with. That's the problem with information theft, it's almost impossible to tell what was taken as nothing is actually missing. My trick. I embed a portion of the website's name in my password. That way, they are still easy to remember but still unique for each site.That's a good idea. I may start doing that myself. :thumbup: Check out my blog to read the Adventures of a Big Damn (F2P) Hero. THE place for all free players to connect, hang out and talk about how awesome it is to be F2P. So, Kaida is the real version of every fictional science-badass? That explains a lot, actually... Link to comment Share on other sites More sharing options...
mcneilp Posted October 15, 2011 Share Posted October 15, 2011 Good to have it up and running again. Well done to the admins and crew who've no doubt had a headache with all of this. It isn't in the castle, It isn't in the mist, It's a calling of the waters, As they break to show, The new Black Death, With reactors aglow, Do you think your security, Can keep you in purity, You will not shake us off above or belowScottish frictionScottish fiction Link to comment Share on other sites More sharing options...
Racheya Posted October 15, 2011 Share Posted October 15, 2011 I think it's time for me to overhaul my passwords now. Yes, it's a faff, and annoying, but it's something that needs to be done. If you think a burgalar has a copy of your house keys, you don't leave it to chance - you change the locks. I'm glad to see Tif back :) I edit for the [Tip.It Times]. I rarely write in [My Blog]. I am an [Ex-Moderator]. Link to comment Share on other sites More sharing options...
Albel Posted October 15, 2011 Share Posted October 15, 2011 Good job admins for all your hard work, so happy to have TIF back :thumbup: [hide=Quotes]Albel/JustinAlbel doesn't say anything anymore, just comes in, leaves an arrow and vanishes into the night :(Probablypractising some euphoniumYou nearly had me fooled, you fooler youEuphonium/10.9/10. To me, always associate Albel with musical stuff in OT.Everyone with a goatee and glasses is Albel now.lmfao albel m8 wat r u doin, hi though. [/hide][hide=Runescape Achievements]99 firemaking(2007), 99 woodcutting(2008), 99 fletching(2009), 99 magic(2010), 99 cooking(2010), 99 farming(2011), 99 construction(2011), 99 runecrafting(2012), 99 Hunter (2014), 99 ranged (2015), 99 HP (2015), 99 Slayer (2015), 99 attack (2015) 99 Defense (2015) 99 Prayer (2015) 99 Summoning (2015) 99 Strength(2015) 99 Herblore (2015) 99 Dungeoneering (2017) 99 Mining (2017) 99 Crafting (2017) 99 Smithing (2017) 99 Thieving (2017) 99 invention (2017) 99 Fishing (2018), 99 Divination (2018), 99 Agility (2018), MAXED (05/17/2018)[/hide] Link to comment Share on other sites More sharing options...
Aurhora Posted October 15, 2011 Share Posted October 15, 2011 *hugs the forums* Link to comment Share on other sites More sharing options...
DarkDude Posted October 15, 2011 Share Posted October 15, 2011 This is actually true. While we know what was on the servers themselves, it's pretty much impossible for us to know exactly what was taken, and so we have to assume everything was taken. This includes:IPB Forum database - probably taken between 6th - 10th OctoberphpBB Forum database - since we don't use this, the date it was taken is irrelevant but it likely covers most of the time phpBB was active (04-05 until we switched to IPB), however it should also be using a more complex hashing method which is more difficult for them to crack (with regards to passwords), but will still contain other information such as e-mails and registration IPs Hopefully that clears up some questions about what was taken, but as far as information goes, that's what we have, they may not have even taken all of that, we just have to assume they have. So they could have multiple copies from 04/05 - September/October 2009 and then one copy from sometime between 6th-10th October 2011? So there's a two year gap where there's been no information for them to take correct? Or do they just have one copy from phpBB taken from when we switched over in 09? Either way that's a lot less severe and pretty much the opposite of "everything in the last few years" where it's pretty much "everything but the last few years" Thanks Link to comment Share on other sites More sharing options...
Kaphias Posted October 15, 2011 Share Posted October 15, 2011 I am secretly using my h4xing pr0wess to be in ur baes, destroyin yer emailz.joke plz 8,325th to 99 Firemaking 3/9/08 | 44,811th to 99 Cooking 7/16/084,968th to 99 Farming 10/9/09 | Runescaper August 2005-March 2010Tip.it Mod Feb. 2008-Sep. 2008 | Tip.it Crew Sep. 2008-Nov. 2009 Link to comment Share on other sites More sharing options...
MageUK Posted October 15, 2011 Share Posted October 15, 2011 So there's a two year gap where there's been no information for them to take correct? Or do they just have one copy from phpBB taken from when we switched over in 09? It's possible they would have the phpBB copy which covers from 04/05 to 09 and then they definitely have the IPB database which covers 09 - 11 (current). Link to comment Share on other sites More sharing options...
DarkDude Posted October 15, 2011 Share Posted October 15, 2011 So there's a two year gap where there's been no information for them to take correct? Or do they just have one copy from phpBB taken from when we switched over in 09? It's possible they would have the phpBB copy which covers from 04/05 to 09 and then they definitely have the IPB database which covers 09 - 11 (current). So they have backups from both too? You made it sound like they only had one version of each. Link to comment Share on other sites More sharing options...
MageUK Posted October 15, 2011 Share Posted October 15, 2011 The years I am quoting is what years the backups cover, not the years the backups were taken in. They had access to a phpBB backup which covered 2004/5 - 2009 and the IPB database which covers 2009-2011. Link to comment Share on other sites More sharing options...
Low C Posted October 15, 2011 Share Posted October 15, 2011 Thank-you for the reply MageUK. Not sure what the big deal was about divulging that bit of info. Link to comment Share on other sites More sharing options...
DarkDude Posted October 15, 2011 Share Posted October 15, 2011 The years I am quoting is what years the backups cover, not the years the backups were taken in. They had access to a phpBB backup which covered 2004/5 - 2009 and the IPB database which covers 2009-2011. But if it's a singular copy they've taken then surely they only got the information at the time the backup was taken. So when you say a phpBB backup surely that only contains the emails/passwords from that point in time rather than everything from 04-09. Unless I'm completely misunderstanding what you're saying there was two databases available, one from phpBB (which would be from September 09 when we switched over to IPB if it's the version I'm thinking of, but regardless at one point from 04-09) and then one from IPB this month and that's it. Link to comment Share on other sites More sharing options...
MageUK Posted October 15, 2011 Share Posted October 15, 2011 The years I am quoting is what years the backups cover, not the years the backups were taken in. They had access to a phpBB backup which covered 2004/5 - 2009 and the IPB database which covers 2009-2011. But if it's a singular copy they've taken then surely they only got the information at the time the backup was taken. So when you say a phpBB backup surely that only contains the emails/passwords from that point in time rather than everything from 04-09. Unless I'm completely misunderstanding what you're saying there was two databases available, one from phpBB (which would be from September 09 when we switched over to IPB if it's the version I'm thinking of, but regardless at one point from 04-09) and then one from IPB this month and that's it. Now I see what you're getting at... your question was a little ambiguous the way I read it. The phpBB backup is from approximately 2009 and would contain all usernames of users that registered 04-09, but only the passwords/emails which were set when we closed the phpBB forum in 09. The IPB backup would be the same, they would have data that was set between 6th - 10th October. Link to comment Share on other sites More sharing options...
Sy_Accursed Posted October 15, 2011 Share Posted October 15, 2011 So only really 2 backups then, 1 with very old data and 1 with the past weeks? Operation Gold Sparkles :: Chompy Kills :: Full Profound :: Champions :: Barbarian Notes :: Champions Tackle Box :: MA RewardsDragonkin Journals :: Ports Stories :: Elder Chronicles :: Boss Slayer :: Penance King :: Kal'gerion Titles :: Gold Statue Link to comment Share on other sites More sharing options...
MageUK Posted October 15, 2011 Share Posted October 15, 2011 We had another backup of the forum stored too on 26th September 2011, but they most likely didn't bother with it. Link to comment Share on other sites More sharing options...
DarkDude Posted October 15, 2011 Share Posted October 15, 2011 The years I am quoting is what years the backups cover, not the years the backups were taken in. They had access to a phpBB backup which covered 2004/5 - 2009 and the IPB database which covers 2009-2011. But if it's a singular copy they've taken then surely they only got the information at the time the backup was taken. So when you say a phpBB backup surely that only contains the emails/passwords from that point in time rather than everything from 04-09. Unless I'm completely misunderstanding what you're saying there was two databases available, one from phpBB (which would be from September 09 when we switched over to IPB if it's the version I'm thinking of, but regardless at one point from 04-09) and then one from IPB this month and that's it. Now I see what you're getting at... your question was a little ambiguous the way I read it. The phpBB backup is from approximately 2009 and would contain all usernames of users that registered 04-09, but only the passwords/emails which were set when we closed the phpBB forum in 09. The IPB backup would be the same, they would have data that was set between 6th - 10th October. That's exactly what I figured :). The way you said it "covers" a certain time period makes it sound like they'd have all the data from that period of time. That's a lot better scenario then, as they only have two potential passwords (and other set of information) for each user. One from from 2009ish and one from this month. That's so much better than "everything" like it was being made out to be previously. Thanks a lot for the responses. It's worth putting that a backup from roughly 09 was most likely taken too just so everyone is aware of that. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now