Lord Paul Posted July 28, 2012 Share Posted July 28, 2012 Very big congratulations and thanks to Stev for all the hard work that he has put in! And huzzah for swiftkit! Very excited to see this change. :thumbup: :thumbup: Working on max and completionist capes. 2435/2475 Link to comment Share on other sites More sharing options...
The Observer Posted July 28, 2012 Share Posted July 28, 2012 Very exciting changes and I'm excited to be a part of it. Link to comment Share on other sites More sharing options...
Jonanananas Posted July 28, 2012 Share Posted July 28, 2012 Great news :thumbsup: Link to comment Share on other sites More sharing options...
Baffler Posted July 28, 2012 Share Posted July 28, 2012 Good stuff. Link to comment Share on other sites More sharing options...
Xena_Dragon Posted July 28, 2012 Share Posted July 28, 2012 Welcome. Glad to see this happening =D> Link to comment Share on other sites More sharing options...
WildxYak Posted July 28, 2012 Share Posted July 28, 2012 Exciting stuff =D> 99: Agility 28/12/14|Thieving 20/03/15 Link to comment Share on other sites More sharing options...
Racheya Posted July 28, 2012 Share Posted July 28, 2012 This is great news and I'm sure it's going to be a great step forward for both Tip.It and SwiftKit/IRC. Really glad to see the staff moving forward in this direction :) 1 I edit for the [Tip.It Times]. I rarely write in [My Blog]. I am an [Ex-Moderator]. Link to comment Share on other sites More sharing options...
D. V. Devnull Posted July 28, 2012 Share Posted July 28, 2012 I find myself disappointed and gravely angered that this has occurred. This is made worse by the fact that it wasn't brought past the main Tip.It community first, in order to receive proper feedback on the matter. I happen to have seen quite many forum posts out on the RSOF, here at Tip.It, and such that have specifically identified SwiftKit and their SwiftIRC server as being the point at which many have been hacked and their RS accounts stolen/ruined. The damage to other users that I have seen those posts about has either happened via IP detection and DOS attack, or via some manner in which someone on the SwiftIRC network has exploited a hole on another person's computer and compromised their computer and RS account. To switch your Tip.It IRC to being a mere set of channels on SwiftIRC, and therefore open up Tip.It's users to an IRC community that is known to lack morals and has hurt others, now results in my permanent discontinued use of IRC in regard to RuneScape and related fansites. I may have used it rarely and only when necessary, but this change was a breaking point between me possibly using an IRC client actively and my not using one at all anymore. Further, I will now have to rethink my usage of Tip.It's Forums, as mixing that other community with us is going to result in many additional, and highly detrimental issues. :angry: ~Mr. D. V. "You're likely to lose some of the security-conscious folk over this..." Devnull and normally with a cool mind.(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the timebeing due to how insane they are... Sometimes even to themself.) Link to comment Share on other sites More sharing options...
MageUK Posted July 28, 2012 Share Posted July 28, 2012 IP addresses on SwiftIRC are masked in exactly the same way that they were/are on our own server. The only way someone can get your IP address is if you do something which allows them to see it, again, exactly the same as on our server. As for SwiftKit, there's never been anything within it related to stealing account information or aiding with hacking ever. The only "viruses" people have claimed about from SwiftKit have been when they already had a virus infection that SwiftKit reveals. A perfect example of this is when a user's IE installation gets a virus, and because they never use IE or do a full system scan, they never find it, until they use SwiftKit which uses an IE window to browse the web, so when it gets launched, the antivirus kicks in and finds it. This usually leads to disinfection and in fact you can scan the SwiftKit installation with pretty much any virus scanner and it's perfectly clean. We would not be promoting software or services on our website if we had any suspicions that they would be used to compromise our users, that's hardly good for anyone. https://www.virustotal.com/file/3e8e4e9f6e28411918bc36ab7ec53ec2a8081b3cbf1544e6d2521df7f5ca4952/analysis/ The one detection there being quite obviously a false positive. Link to comment Share on other sites More sharing options...
dTwizy Posted July 28, 2012 Share Posted July 28, 2012 Hello \::/ Link to comment Share on other sites More sharing options...
D. V. Devnull Posted July 28, 2012 Share Posted July 28, 2012 It's far worse than that, MageUK, as the virus doesn't have to be directly in that executable, but only just a mere point of exploit. Let alone what I've already mentioned, allowing any browser (even swiftkit's) to show the adverts above the RS applet (and especially with IE's engine active) runs a high risk of the user's system getting damaged/infected. Stacked on that, it's likely most IRC users don't know how to shut off IRC DCC and/or are unable to due to whatever client they're using. Instant opening to being hit, right there. And as for the viruses/hackings/damage that have been claimed and are attributable to usage of SwiftKit, most of the ones that I'm referencing are not possible to be linked to due to having been eaten by the "page 51 monster" on the RSOF over many years. :geek: I'm afraid you guys are very unsuspecting. At this point, I'm going to leave this topic in regard to the thread be, and alone. I'll be watching from the background as the negative feedback rolls in sometime in the future. -.- ~D. V. "Far more aware than you realize..." Devnull and normally with a cool mind.(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the timebeing due to how insane they are... Sometimes even to themself.) Link to comment Share on other sites More sharing options...
Arthu Posted July 28, 2012 Share Posted July 28, 2012 I happen to have seen quite many forum posts out on the RSOF, here at Tip.It, and such that have specifically identified SwiftKit and their SwiftIRC server as being the point at which many have been hacked and their RS accounts stolen/ruined. Tipit has been hacked too. Many a time.I still believe false account security is often the fault of the user......but why is this a concern?If you choose to be suspicious and blame it on service provider, you can always choose to not use swiftirc, you can always choose to not use dgsweeper, you can always choose to not use swiftkit. The unaware users who use irc would have still been unaware even before moving from the previous network to swiftirc, and potentially under threat. I do not think you could prove the previous one any more secure... well... probably more secure because of the slight lack of userbase (and therefore potential phishers). I am aware swiftirc userbase is made ofmore idiots than tip.it irc was, but you have to learn to adapt. You know, you can go play minesweeper on your computer and plug the netcable out and be all secure with only yourself? "I don't internets because there is people" is rather bad arguement, especially when stated in the internets. It's not like you should blame tip.it because userbase is fools who don't use internets while being secure.About advertisements... not only swiftkit uses advertisements. So has done (and still does) Jagex itself and tip.it too. (Even before the merge! What is this?)I also believe IE is not anymore as insecure as it used to be quite a while ago - and if it was still, you have the freedom to choose to not use swiftkit. I don't see many issues here, other than you being hating for the sake of hating. 1 99+ all 23rd March 2012 - 2496 total 13th June 2012.9000+ dragon drops! Including draconic visage, d chains, d spears, d2h, d claws, d meds, d legs, d skirts... d bones, d hides :)?I want jagex to put resource dungeons and dungeoneering skill doors to dungeoneering floors so I can dungeon and get dungeoneering xp while I dg so I don't have to dg to get dg exp, but I can dg while I dg :)? Link to comment Share on other sites More sharing options...
Cowman_133 Posted July 28, 2012 Share Posted July 28, 2012 Referencing the RSOF as evidence that SwiftKit has been involved with viruses/hackings/damage is rather laughable. We are talking about a community who frequently misuses the term 'hacked' when often no system has actually been compromised to allow said "hacker" access. More often than not, people are simply recovering accounts with weak security. During my time as a forum mod over at the RSOF, I lost count of the number of times I saw topics blaming Jagex or RuneScape for having given them a virus. A lot of RuneScape users like to look for other people to blame when something goes wrong. Bottom line is getting a virus cannot be pinned on anybody but yourself. As Peter said, SwiftKit is safe and if there ARE any problems it is a result of other viruses already on the computer, which again is the responsibility of the user to handle, not us or SwiftKit. Computer security is something each user needs to be able to do for themselves. Some time ago, Jagex began to relent in their notorious babying of users, such as the removal of tons of words and phrases from the censor. We too want to take a similar approach. In our experience, people who are irresponsible with their security will not actually fix their ways regardless of how often we post security bulletins and reminders. We wanted to be able to find a balance between keeping our users safe while also inconveniencing our users the least ie trying to not be overbearing. I think we have achieved this well with a list of approved clients while still not allowing anybody to waltz in and advertise their random-ass client with actual viruses. A good computer user is security conscious, meaning they have an updated operating system, updated browsers, good anti-virus clients and even some extra protection like NoScript for those advanced users. I would consider myself a security conscious user and so would many users of our forums and I again find it laughable that you would suggest that some of our security conscious users will be leaving over this. While you may have an underlying sense of good security, it comes off much more as paranoid. You cannot enjoy anything in life if you are paranoid about it. If you never leave the house because you might get hit by a car or if you never ride a bike because you might fall off, life suddenly becomes a boring place. Similarly, if you don't trust any tools or websites and automatically assume everything is EVIL on the internet, you're not going to enjoy the experience either. Yeah, you might get a virus from time to time, just like you might fall off a bike from time to time, but is that really a reason to lock yourself in the house? tl;dr Nobody is forcing anybody to use SwiftKit, SwiftIRC or otherwise. They are just now our partners, which means benefits for both SwiftKit/IRC and us. DK 10 Link to comment Share on other sites More sharing options...
obfuscator Posted July 28, 2012 Share Posted July 28, 2012 Wait, you mean locking yourself in the house isn't normal? :uhh: I see no security problem with swiftkit or swiftirc, used both a fair bit back in the day and have never had anything hacked. "It's not a rest for me, it's a rest for the weights." - Dom Mazzetti Link to comment Share on other sites More sharing options...
spling Posted July 28, 2012 Share Posted July 28, 2012 Speaking as someone who also has a project partnered with Tip.It, I know that this will be a great benefit for both parties involved. Glad to see some forward progress for Tip.It, and excited to see what this might bring in the future. Good luck! (Now; let's bring RuneTracker into the mix.;)) Check out RuneScript and RuneTracker! Link to comment Share on other sites More sharing options...
Cowman_133 Posted July 28, 2012 Share Posted July 28, 2012 Speaking as someone who also has a project partnered with Tip.It, I know that this will be a great benefit for both parties involved. Glad to see some forward progress for Tip.It, and excited to see what this might bring in the future. Good luck! (Now; let's bring RuneTracker into the mix.;)) Get the proposal going! :) Link to comment Share on other sites More sharing options...
Carl Posted July 28, 2012 Share Posted July 28, 2012 I find myself disappointed and gravely angered that this has occurred. This is made worse by the fact that it wasn't brought past the main Tip.It community first, in order to receive proper feedback on the matter. I happen to have seen quite many forum posts out on the RSOF, here at Tip.It, and such that have specifically identified SwiftKit and their SwiftIRC server as being the point at which many have been hacked and their RS accounts stolen/ruined. The damage to other users that I have seen those posts about has either happened via IP detection and DOS attack, or via some manner in which someone on the SwiftIRC network has exploited a hole on another person's computer and compromised their computer and RS account. To switch your Tip.It IRC to being a mere set of channels on SwiftIRC, and therefore open up Tip.It's users to an IRC community that is known to lack morals and has hurt others, now results in my permanent discontinued use of IRC in regard to RuneScape and related fansites. I may have used it rarely and only when necessary, but this change was a breaking point between me possibly using an IRC client actively and my not using one at all anymore. Further, I will now have to rethink my usage of Tip.It's Forums, as mixing that other community with us is going to result in many additional, and highly detrimental issues. :angry: ~Mr. D. V. "You're likely to lose some of the security-conscious folk over this..." Devnull I'm quite confused as to why you'd take posts on the RSOF as truth? I'm not disputing that some people post there after being hacked, but the events that lead to their account being compromised generally isn't honest or it's just uneducated. IP's on our servers are masked, regular users can't view an IP address without fooling you into unsetting particular modes which are automatically applied when you connect The only other way is if you visit a URL sent to you by an unfamiliar user, navigating to it can give them your IP address.. But if you exercise general caution, you should know not to visit URL's sent to you by strangers. You speak as if this community is hidden from the outside world and not grown up enough to handle other people, I don't know where you've been these last few years but that's an image that you've horribly distorted. It's far worse than that, MageUK, as the virus doesn't have to be directly in that executable, but only just a mere point of exploit. Let alone what I've already mentioned, allowing any browser (even swiftkit's) to show the adverts above the RS applet (and especially with IE's engine active) runs a high risk of the user's system getting damaged/infected. Stacked on that, it's likely most IRC users don't know how to shut off IRC DCC and/or are unable to due to whatever client they're using. Instant opening to being hit, right there. And as for the viruses/hackings/damage that have been claimed and are attributable to usage of SwiftKit, most of the ones that I'm referencing are not possible to be linked to due to having been eaten by the "page 51 monster" on the RSOF over many years. :geek: I'm afraid you guys are very unsuspecting. At this point, I'm going to leave this topic in regard to the thread be, and alone. I'll be watching from the background as the negative feedback rolls in sometime in the future. -.- ~D. V. "Far more aware than you realize..." Devnull DCC is disabled on our network, so you need not worry about that. Those threads you can't cite would be quite useless anyway, as already stated the facts are generally left out in "Help, my account's been hijacked!" posts.The Tip.It Administration would not have made this move if it put its users at risk, don't be silly. RIP Michaelangelopolous Link to comment Share on other sites More sharing options...
Serpent Eye Posted July 28, 2012 Share Posted July 28, 2012 I don't use either feature, but very exciting news indeed! :thumbup: to all involved! Link to comment Share on other sites More sharing options...
Simmo Posted July 28, 2012 Share Posted July 28, 2012 IP's on our servers are masked, regular users can't view an IP address without fooling you into unsetting particular modes which are automatically applied when you connect If it weren't for people with custom host names we would hard code it right into the SwiftIRC client to force everyone to use that mode. Removing the ability for people to trick you. If people have concerns or questions please feel free to post in the SwiftKit forums and we will do our best to answer them. Link to comment Share on other sites More sharing options...
iso- Posted July 29, 2012 Share Posted July 29, 2012 its really great to see the merging of two communities that honestly should have come together a long time ago. Working together using each others tools, services, man power and experience is the only way to move forward now to a brighter and large community. 5 Link to comment Share on other sites More sharing options...
WildxYak Posted July 29, 2012 Share Posted July 29, 2012 I've already made some use from the update, small things admittedly but useful none-the-less.On a side note, I've never had any 'security breaches' on my RS account through either tipit or SwiftKit and feel just as safe as before. I don't want to get involved or anything as I have no idea on the behind the scenes workings about any of this stuff! 99: Agility 28/12/14|Thieving 20/03/15 Link to comment Share on other sites More sharing options...
Plugpoint Posted July 29, 2012 Share Posted July 29, 2012 Awesome news! :D Maxed 15/06/13 Link to comment Share on other sites More sharing options...
GrandZephyr Posted July 29, 2012 Share Posted July 29, 2012 Isn't Swiftkit the same third-party client that was hacked and used to harvest peoples' accounts through an applet? Link to comment Share on other sites More sharing options...
Kimberly Posted July 29, 2012 Share Posted July 29, 2012 Isn't Swiftkit the same third-party client that was hacked and used to harvest peoples' accounts through an applet? Their web domain was compromised - not the actual program itself. Stidor made a post which Zpoon copied over to Tip.it and included steps for removing what was put onto your machine if you weren't paying attention enough to let the applet run. Hey guys just thought I'd let you know we made a post explaining what happened and what's going on right now: http://forums.zybez.net/topic/1556987-swiftkit-website-issue-explained/ One down side to SwiftKit being as popular and successful as it is, means that it has a giant target on it's back. Today we unfortunately experienced the effect of that., which is a shame really as we only exist to offer a free helpful tool to players...It really is unfortunate. As always though, we aim to be as transparent about the situation as possible. At around 3am this morning it came to my attention that someone had gained access to the domain register's account that hosts SwiftKit.net. This allowed them to transfer the SwiftKit.net domain off our account and onto their own. Once they did this they were then able to change the webserver the domain points at, to their own malicious site. The problem was that it took around 5 hours for the domain to be rightfully returned back to us. So during this time the SwiftKit.net domain was pointing to a malicious website. We'll definitely be moving to a different domain registrar in the near future. How was the intruder able to gain access to our domain account? By using a fake ID, or identity document to convince the domain hosting company to reset the e-mail address to their own. Then all they had to do was perform a simple password reset. We're very concerned that this could even happen in the first place, and that it took so long to re-gain control. We'll be looking forward to getting as far away as possible from this domain host. So what does this mean for you as a user? Not too much, SwiftKit itself wasn't affected at all, just the domain. However If you were unfortunate enough to click accept or yes on any JAVA popups that came up I suggest do you a virus scan straight away and once clean change your password. You should never accept any JAVA requests from sources you don't trust. (It states the source in the popup) We have seen this specific malware can be detected and removed by Microsoft Security Essentials. If you believe you have loaded SwiftKit in this small window and accepted any rogue Java confirmations, then it would be a good idea to run a full system scan. SwiftKit itself has several layers of protection built into the updater to prevent anyone from being able to push out bogus updates. The only way you could be harmed is if you download or accept something yourself. As it stands we now have full control of our domains and have taken temporarily steps to prevent such a situation from occurring again. DNS changes have been successfully apllied to many users and they should now be directed to the right, normal site. If you still are redirected incorrectly, try clearing your browser's history and cache, and also by going to Start > search for "cmd", and type in "ipconfig /flushdns". This will ensure the right DNS address is obtained from the server. In the coming future we will be looking to implement some permanent changes to further prevent such an occurrence, abandoning our current and frustrating registrar is one of them. We understand our well-earned reputation has been tarnished by this horrible incident, and we understand many are wary using our products in the future. That trust is going to have to be earned back, and I know for some it will be difficult. I want to personally let everyone know the safety and security of all of our users are our #1 priority. The entire SwiftKit staff, including support from our users and Jagex moderators have hopefully showed everyone that we are serious about security. If you have any hesitations or questions please don't hesitate to ask. We're also going to be posting some specific ways of checking if you are indeed infected, and removal steps if you are. Gimmie a sec. Edit: Detection and removal instructions: 1. Open Start2. In search, type "regedit" and hit Enter3. Navigate to "HKEY_CURRENT_USER\\Software\\Microsoft\\Windows" using the folder dropdowns.4. If there is a file or entry in the Windows folder called "Adobe Drivers", than you are infected and you require removal. If it doesn't exist, you are not infected. Removal: 1. Right-click the taskbar and select "Start task manager"2. In the Processes tab, end any process named "winsyl[Caution: Executable File]"3. In the Registry Editor window you still should have open, right-click the "Adobe Drivers" folder and select Delete4. Open Windows Explorer, enter in the URL %AppData%\Microsoft\Windows\5. Delete the folder "Drivers"6. As a safety measure, run a full system scan using a reputable anti-virus such as MSE. You might've forgotten that because at the time you were very busy with crew work I think. :) 2 Link to comment Share on other sites More sharing options...
Sentry_Wolf Posted July 29, 2012 Share Posted July 29, 2012 Wasn't excepting to see this at all! But delighted it has happened, two amazing additions. Really excited to things going forward for tip.it :) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now