OcUK Moderator's elderly mother abused on the phone

Status
Not open for further replies.
Soldato
Joined
27 Jul 2004
Posts
2,782
Location
Berkshire
This reeks of the kind of thing 4channer's would do, for the lulz and all that, I wonder if there are links between a certain hate site and 4chan members.

not worth doing unless its for EPIC lulz


serious case of childishness going on here though, seriously ... phoning relatives instead of the person :rolleyes:
 

Adz

Adz

Soldato
Joined
18 Oct 2002
Posts
10,277
Location
Berkshire
You don't actually need to 'hack' anything to get hold of someone's password. I've pulled this trick on people in the past (not maliciously, only with friends) and only a modest amount of computer skill is actually required. You just have to rely on the ludicrous password 'security' most people employ and perhaps a few Derren Brown mind games ;).

In current times when people use the internet for various aspects of their daily lives, having access to someone's email without their knowledge gives you a lot of control.

OcUK - have you thought about hosting the don's room as a separate forum, on another IP address, restricted by IP with a simple .htaccess? That would prevent a re-occurrence as, whatever other security you employ, you can never rely on the user to keep their password secure or the user's PC to be clean.
 
Permabanned
Joined
21 Apr 2004
Posts
13,312
Location
Wolverhampton
I'm not sure if "hacked" is the correct term, someone used a Don's login to browse the Dons Room and to copy and paste a load of threads in there.

Late Monday night another Don's e-mail account was hacked. Then the attacker requested a new password from the newly upgraded forums

It depends on how the person gained access to the Don's email account. The hack is him gaining access to that, not just using the login details.

It's scary when that happens, as they potentially have access to a lot of things. :(
 
Caporegime
Joined
30 Jun 2007
Posts
68,770
Location
Wales
Tbh they are pretty pathetic to ring his mum when the could have just randomly banned dozens of people an unbanned some of the permered people (if you can do that)
 
Don
Joined
17 May 2004
Posts
12,763
Location
Telford, Shropshire
You don't actually need to 'hack' anything to get hold of someone's password. I've pulled this trick on people in the past (not maliciously, only with friends) and only a modest amount of computer skill is actually required. You just have to rely on the ludicrous password 'security' most people employ and perhaps a few Derren Brown mind games ;).

In current times when people use the internet for various aspects of their daily lives, having access to someone's email without their knowledge gives you a lot of control.

OcUK - have you thought about hosting the don's room as a separate forum, on another IP address, restricted by IP with a simple .htaccess? That would prevent a re-occurrence as, whatever other security you employ, you can never rely on the user to keep their password secure or the user's PC to be clean.


Surely this HAS to happen, yes it might be a pain in the arse to keep up to date, but it's more secure.

Currently as it is, I'd imagine a fair few people would be very worried about their own account security and any information which has been placed into that account. I remember the mass mailing which happened only a couple of months ago, as well as a number of other things which have happened and the ones which we non don's and underbosses ever hear of.
 
Man of Honour
Joined
17 Nov 2003
Posts
36,743
Location
Southampton, UK
You don't actually need to 'hack' anything to get hold of someone's password. I've pulled this trick on people in the past (not maliciously, only with friends) and only a modest amount of computer skill is actually required. You just have to rely on the ludicrous password 'security' most people employ and perhaps a few Derren Brown mind games ;).

In current times when people use the internet for various aspects of their daily lives, having access to someone's email without their knowledge gives you a lot of control.

Indeed, social engineering is one of the most effective ways to get a password.

Personally, I can understand why people are upset and it's absoluetly deplorable what's been done, but doesn't need to be much of an issue.

BT (or what ever provider) can easily find out where the number came from and assuming it's not a public phone, it's easy for the police to take action. Has the Don done this?

Also, maybe blocking calls from withheald number might be a good idea, that last thing you want is for this to happen again.

Burnsy
 
Soldato
Joined
9 Jun 2005
Posts
13,958
i dont have time to read full thread but i assume police where contacted ? if not they should be because theyl be serious about it

well they where when someone was ringing my grandma shouting all sorts and threatening to kill her. was some weirdo oap from the club she goes too :/ he only got a warning but you cant do much more to a 70+yr old tbh , atleast her and her friends found out who it was.
 
Caporegime
Joined
25 Jul 2005
Posts
28,851
Location
Canada
It depends on the method he used. Either way, whatever he did to get in, it still violates the act and OcUK are right to take action against him.

I'm not disputing it was wrong, i'm just saying it was most likely cracked not hacked, I assume most email providers such as hotmail and ISP ones are near impossible to hack and so cracking is the most likely cause.:)
 
Soldato
Joined
21 Oct 2002
Posts
18,022
Location
London & Singapore
I'm not disputing it was wrong, i'm just saying it was most likely cracked not hacked, I assume most email providers such as hotmail and ISP ones are near impossible to hack and so cracking is the most likely cause.:)

:confused:

Hack(ing) = for educational or time saving purposes
Crack(ing) = for malicious purposes

Doesn't matter which one of the above that it is, both are illegal if you don't own or have authorised access to the computers, accounts or data involved.
 
Caporegime
Joined
25 Jul 2005
Posts
28,851
Location
Canada
your still breaking the data protection and computer misuse act

As I said I wasn't disputing the legality or morality of it, it is wrong and illegal. I was just disputing the terminology used.:)

EDIT: NathanE isn't hacking also burrowing or exploiting weaknesses in programs/websites too? Which is more pertinent in this case.
 
Last edited:
Soldato
Joined
6 Jan 2006
Posts
4,663
Location
Newcastle
EDIT: NathanE isn't hacking also burrowing or exploiting weaknesses in programs/websites too? Which is more pertinent in this case.

thats pen testing


hacking is more towards splicing bits of code together and pen testing or stealing code etc (so many possibilities) in my theory it all comes to what type of hat do you wear ?

cracking is mainly just code breaking ..................

And so where OcUK, at least the DPA

in what way ?
 
Soldato
Joined
4 Feb 2007
Posts
9,767
Location
Nuneaton, UK
Just saw this, very sick thing to attack someones mother over the phone.

Hope the idiots responsible get what they deserve.

Being an admin on a car site before I have seen jealous people do silly things, its not big and its not clever.

I just hope nothing else happens and the silly people crawl back under the rock they came from.

Hope all Dons and people involved are ok.

Nick
 
Permabanned
Joined
24 Jul 2003
Posts
30,259
It depends on the method he used. Either way, whatever he did to get in, it still violates the act and OcUK are right to take action against him.

They'd also be shooting themselves in the foot if the data obtained turned out to be a breach of the DPA in itself. In other words if peoples names and addresses where in there without permission.
 
Caporegime
Joined
25 Jul 2005
Posts
28,851
Location
Canada
thats pen testing


hacking is more towards splicing bits of code together and pen testing in my theory it all comes to what type of hat do you wear ?

Ah ok I didn't realise that, but my argument is still sound, it was more likely cracking than hacking.

EDIT: Damn your edit, maybe I was wrong afterall *confused* :D
 
Soldato
Joined
21 Oct 2002
Posts
18,022
Location
London & Singapore
As I said I wasn't disputing the legality or morality of it, it is wrong and illegal. I was just disputing the terminology used.:)

EDIT: NathanE isn't hacking also burrowing or exploiting weaknesses in programs/websites too? Which is more pertinent in this case.

It all depends upon the context in which the vulnerability is being exploited. Hacking is generally non-malicious and the individual is more concerned about learning how to use a specific exploit. Cracking however means the individual knows exactly what they want to achieve and how they are going to go about it and that they have malicious intentions.

Meh :)
 
Status
Not open for further replies.
Back
Top Bottom