Author Topic: Computermix, Ipquarx, and Cca - CBM being hacked into to steal keys [chat+pics] (Read 43509 times)

Theportalmaster · November 02, 2014, 03:03:39 PM

It is victim blaming though? Vulnerabilities occur in everything and taking the time to discover said advantage and exploit it puts you at blame.

With this logic you, should someone break into someone else's house, you should blame them for not installing bullet-proof windows/steel walls/doors which can be pick-locked. In fact, also blame the people who built said house.

Ad Bot · Advertisement

Kishgal · November 02, 2014, 03:06:56 PM

...They willingly and knowingly gave their key information to untrustworthy people running an untrustworthy service despite multiple people, including Badspot and previously Ephialtes saying precisely not to do that. How is it not their fault?

Blake1 · November 02, 2014, 03:15:33 PM

I read through about 8 pages of this and I'm really concerned and confused. Is my key safe or not? Like 3 people said it's only the last few digits. How was this calculated? Only the first 5 digits are bound to the ID; which kalphiter found out and had that "Your first 5 digits of your key" thing on blockland cloud. If they found out the last digits, is the entire key possibly unsafe?

Theportalmaster · November 02, 2014, 03:16:39 PM

Please explain how it is untrustworthy? Cowboy has been hosting CBM for a long time without any issues and fairly secure servers.

It's still victim blaming. Someone choosing to hack into private information is the fault of the hacker and not the victim. If the hacker did not choose to hack in the first place, then the incident would have not happened. It's as simple as it gets.

Kishgal · November 02, 2014, 03:17:47 PM

Quote from: Blake1 on November 02, 2014, 03:15:33 PM

If they found out the last digits, is the entire key possibly unsafe?

Yes. I don't know why people are telling themselves otherwise, but that means that yes, it is unsafe. Not to mention that the majority of the actual information we have is way outdated or could just be based on lies, there is no way of knowing whether or not the full keys are floating around out there.

Quote from: Theportalmaster on November 02, 2014, 03:16:39 PM

Please explain how it is untrustworthy? Cowboy has been hosting CBM for a long time without any issues and fairly secure servers.

http://forum.blockland.us/index.php?topic=269222.0

Dreams_Of_Cheese · November 02, 2014, 03:18:16 PM

we see you forgeter >.>
http://forum.blockland.us/index.php?action=profile;u=30841

Kishgal · November 02, 2014, 03:18:41 PM

Quote from: Dreams_Of_Cheese on November 02, 2014, 03:18:16 PM

we see you forgeter >.>
http://forum.blockland.us/index.php?action=profile;u=30841

lynch em

Theportalmaster · November 02, 2014, 03:20:41 PM

Quote from: Kishgal on November 02, 2014, 03:17:47 PM

http://forum.blockland.us/index.php?topic=269222.0

Nice job linking to the OP of which I am aware of. This does not invalidate that CBM has been fairly secure up until this point in which a vulnerability was discovered, which was promptly fixed.

Maxxi · November 02, 2014, 03:21:16 PM

Quote from: Blake1 on November 02, 2014, 03:15:33 PM

I read through about 8 pages of this and I'm really concerned and confused. Is my key safe or not? Like 3 people said it's only the last few digits. How was this calculated? Only the first 5 digits are bound to the ID; which kalphiter found out and had that "Your first 5 digits of your key" thing on blockland cloud. If they found out the last digits, is the entire key possibly unsafe?

Alright, as I've said about 5 times before, heres the twist.
We don't know what Man of Reason or Computermix could be doing right at this minute.
Also, the information presented to Cowboy6 seems really fishy.
Why out of all people would Man of Reason just email Cowboy saying
"hey i hacked into your webserver and stole keys"
You don't know if hes being truthful.
I think that Man of Reason is lying, and he has more than you think.

Wrapperup · November 02, 2014, 03:23:32 PM

I would like a better dedicated server program. If we could just REMOVE key linkage to dedicated servers, steam users, other dedicated hosts would be so much easier to pull off and manage (not to mention more secure). Who cares if someone without Blockland hosts a server? They are only helping everyone. Not trying to bash anyone here, but removing key linkage could help tremendously in keeping client's personal data secure.

Kishgal · November 02, 2014, 03:26:02 PM

Quote from: Theportalmaster on November 02, 2014, 03:20:41 PM

Nice job linking to the OP of which I am aware of. This does not invalidate that CBM has been fairly secure up until this point in which a vulnerability was discovered, which was promptly fixed.

The fact that it was fixed does not mean that it didn't happen. You can't just pretend something didn't happen because it suits you, sorry guy.

Acerblock · November 02, 2014, 03:26:31 PM

Quote from: Kishgal on November 02, 2014, 03:06:56 PM

...They willingly and knowingly gave their key information to untrustworthy people running an untrustworthy service despite multiple people, including Badspot and previously Ephialtes saying precisely not to do that. How is it not their fault?

...I'm done arguing this point, I am just sick and tired of being blamed for someone getting my key off an encrypted file I put on a remote server. Still don't see how I, Wrapper, Blake or anyone else using CBMHost was wrong.

Kishgal · November 02, 2014, 03:27:30 PM

Quote from: Wrapperup on November 02, 2014, 03:23:32 PM

I would like a better dedicated server program. If we could just REMOVE key linkage to dedicated servers, steam users, other dedicated hosts would be so much easier to pull off and manage (not to mention more secure). Who cares if someone without Blockland hosts a server? They are only helping everyone. Not trying to bash anyone here, but removing key linkage could help tremendously in keeping client's personal data secure.

Don't rely on an external service in the first place. There is no reason for Badspot to change anything because the current system is perfectly fine when it's not in use by idiots.

Quote from: Acerblock on November 02, 2014, 03:26:31 PM

Still don't see how I, Wrapper, Blake or anyone else using CBMHost was wrong.

You could try reading my post, that might enlighten you. Hell, maybe you could even think. That might just help.

Acerblock · November 02, 2014, 03:30:06 PM

Quote from: Kishgal on November 02, 2014, 03:27:30 PM

Don't rely on an external service in the first place. There is no reason for Badspot to change anything because the current system is perfectly fine when it's not in use by idiots.
You could try reading my post, that might enlighten you. Hell, maybe you could even think. That might just help.

I read your post. All I did was enter in my key the same way you enter in a key for the first time opening up Blockland. I was not aware of multiple key.dat's being an exploit. All I was using the service for was to host a server.

Quote from: Kishgal on November 02, 2014, 03:27:30 PM

Don't rely on an external service in the first place.

My Internet cannot even handle a Blockland server.

Theportalmaster · November 02, 2014, 03:30:26 PM

Quote from: Kishgal on November 02, 2014, 03:26:02 PM

The fact that it was fixed does not mean that it didn't happen. You can't just pretend something didn't happen because it suits you, sorry guy.

I'm not pretending that it didn't happen? Once again, every system in existence is vulnerable and it isn't usually noticed nor fixed until someone discovered it; usually exploiting it. This still does not explain why CBM should have previously been seen as an untrustworthy host.