| Off Topic > Drama |
| RBL - Ephialtes |
| << < (3/18) > >> |
| cucumberdude:
Okay, I increased the spacing - that should help. |
| Destiny/Zack0Wack0:
Quoting this from my post in the Blockland Bulletin topic; --- Quote from: Destiny/Zack0Wack0 on March 10, 2011, 04:34:51 AM ---If you're stupid enough to sign up for a site that isn't professionally maintained (heck, I wouldn't even trust myself) with your global password, it's your own fault. HOWEVER, this should have been hashed from the beginning. Making an advertised site on a forum with people that aren't all tech smart with no password hashing was a bad idea. No doubt some children or people who just weren't thinking about it signed up with their global password. It's just asking for someone to come along and inject the passwords out of the database or something similar. Why is it not hypocritical for Ephialtes' to say that no user-maintained websites should be allowed? Because Ephialtes is a professional programmer. You can go along thinking it's hypocritical all you like but at the end of the day we all know that Ephialtes can be trusted. RTB 2+ has been in service for a few years now. If Ephialtes was secretly sitting in his grandma's attic stealing unhashed passwords someone would have complained about it already. --- End quote --- |
| Iban:
We can all point and laugh at the people that would sign up with their global password that is then leaked as plain-text, but what you need to understand is that this is a community for children who will make these kinds of mistakes. The service was petty and it's not really worth getting this upset over. Sure, it sucks when someone ruins your claim to fame, but I would rather it end this way than to have someone like Kalphiter get away with a bunch of people's passwords and end up taking their Neopets accounts or some stuff. |
| Destiny/Zack0Wack0:
--- Quote from: Iban on March 10, 2011, 07:25:13 AM ---We can all point and laugh at the people that would sign up with their global password that is then leaked as plain-text, but what you need to understand is that this is a community for children who will make these kinds of mistakes. The service was petty and it's not really worth getting this upset over. Sure, it sucks when someone ruins your claim to fame, but I would rather it end this way than to have someone like Kalphiter get away with a bunch of people's passwords and end up taking their Neopets accounts or some stuff. --- End quote --- I agree entirely. |
| cucumberdude:
--- Quote from: Iban on March 10, 2011, 07:25:13 AM ---We can all point and laugh at the people that would sign up with their global password that is then leaked as plain-text, but what you need to understand is that this is a community for children who will make these kinds of mistakes. --- End quote --- Again, NO PASSWORDS WERE LEAKED. --- Quote from: Destiny/Zack0Wack0 on March 10, 2011, 04:51:37 AM ---[...] HOWEVER, this should have been hashed from the beginning. [...] --- End quote --- --- Quote from: cucumberdude on March 10, 2011, 03:30:27 AM ---Before you read this or comment, just know that I openly admit that I have made mistakes. Namely, my initial refusal to encrypt passwords. For this, I apologize. Kalphiter is/was of course right - having passwords unencrypted is a security risk. Again, I regret not being initially more receptive and reasonable about the matter and simply putting it in place ASAP. I'm stubborn like that. --- End quote --- --- Quote from: Iban on March 10, 2011, 07:25:13 AM ---but I would rather it end this way than to have someone like Kalphiter get away with a bunch of people's passwords and end up taking their Neopets accounts or some stuff. --- End quote --- I suppose so. But honestly consider - what could I really want with a thousand lego game forum accounts? I guess accounts ARE more valuable now that they are tied to keys. All the same, I'm pretty sure that if I was stealing accounts, people would notice. And trust me, I don't really want that on my record. |
| Navigation |
| Message Index |
| Next page |
| Previous page |