| Author |
How safe is Esato? |
mixin
Joined: Jan 26, 2002
Posts: > 500
From: Notts, UK
PM, WWW
|
I just got an email from "Ebay" asking for my credit card details because my account was about to be terminated due to outstanding bills. I knew this was obviously a fraudulent email because major companies never ask for details like that in emails.
It got me thinking though. How safe is esato?
If someone sent an email claiming to be from esato, would you click on the link and fill in your login details? I think most would probably fall for it, because there aren't really important details on esato to spread. But you're account could rather easily be hi-jacked by someone whose smart enough to know about faking emails!
This also lead me to thinking how secure is esato itself. I know that esato is still using the original PHPBB, and hasn't upgraded to phpbb2 yet (it would be time consuming to do so). But does this throw up any security concerns? Is the original PHPBB easier to break into so people can take down the whole forum or hack into moderators accounts?
Ultimatly i'd like a reply from Laffen to reasure me on the how safe esato is, cos i wouldn't wanna see it dead when i wake up in the morning 
|
|
|
whizkidd
Joined: May 14, 2004
Posts: > 500
From: India
PM, WWW
|
Thats a scary scenario you're talkin about.
This message was posted from a T230 |
*Jojo*
Joined: Oct 15, 2003
Posts: > 500
PM |
Yup! As I just can see some posts abruptly disappearing right in front of my face early this week as I post, and I guess the mods are not doing the deletion back there  . Honestly, speaking there are/is some 'magicians' here who are just so talented that they can penetrate into the system without the mods, (I hope not @laffen included here) knowing it 
@laffen - I guess your site needs more security tightening, Norton anti-virus cannot do the job all by itself here . . . |
plasmadog
Joined: May 06, 2004
Posts: > 500
From: Beantown, India
PM |
its rather easy to get your email address if the spammers/tricksters know who to target. its a good thing you didn't fall for that email fraud, but its only because u are vigilant. and that's what everyone needs to be.
but that apart, since esato doesn't have things like credit card payment gateways and such, i don't think a very high level of security is needed. there is a lot of personal information being exchanged true, but this is a far cry from being a commercial website. |
whizkidd
Joined: May 14, 2004
Posts: > 500
From: India
PM, WWW
|
Plasma, i am least worried about the email thing. What bothers me is a scenario where Esato is hacked by some idiot. Thats what i fear the most.
This message was posted from a T230 |
Asterix
Joined: Aug 19, 2004
Posts: > 500
From: Lima / Peru
PM, WWW
|
Cīmon guys, don't panic, let @laffen and the mods manage the situation, they should be aware of the security on esato and they've demostrated that they know what they're doing.
T610 Powered |
Johnex
Joined: Nov 26, 2002
Posts: > 500
From: Stockholm/Sweden
PM, WWW
|
There are mayor bug fixes from phpbb to phpbb2 though. Hopefully laffen has blocked those holes in the system without a mayor update of the forums.
This message was posted from a Z1010 |
knight4led
Joined: May 27, 2004
Posts: > 500
From: Califonia, USA
PM |
I'm not that sacred. Only my old email and aim are listed
This message was posted from a T616 |
tranquil
Joined: Dec 15, 2001
Posts: > 500
From: Oslo, Norway
PM |
Esato will never question anyones password in any way. If you ever recieve an e-mail questioning the status of your Esato membership/account concider it a scam and report it.
I've asked Laffen the same question a coupple of times.
His reply to me then has been "No way!", with a big grin on his face 
Esato is Laffens' "baby" and he is looking after it and making sure it is as safe as it can possibly be.
As far as hacking other users' accounts via e-mail is only possible to do if the reciever of the e-mail gets tricked into answering.
Pretending to having managed to hack in to the moderator facilities is not difficult at all. With a tiny bit of a creative brain it does not take much to figure that one out (I'm, offcourse, not going to tell how it's done but there is only one way to do it and it's very easily spotted by a moderator.)
I can promise you, on behalf of Laffen, that there is nothing to worry about. Esato will not dissapear because of some idiot who doesn't know the difference between mine and yours.
_________________
Tranquil
Esato Shop
[ This Message was edited by: tranquil on 2004-10-09 08:18 ] |
kimcheeboi
Joined: Dec 19, 2003
Posts: > 500
From: Abducted by hot blondes to Les
PM |
tranquil you will have everyone on esato trying to 'hack' it now! 
im watching you! 
[addsig] |
Johnex
Joined: Nov 26, 2002
Posts: > 500
From: Stockholm/Sweden
PM, WWW
|
A little research on google gives a long list on phpbb 1 bugs.
This message was posted from a Z1010 |
Ayush
Joined: Sep 12, 2003
Posts: > 500
From: Hyderabad, india
PM |
Thou searched google wap? :-D
This message was posted from a T610 |
Johnex
Joined: Nov 26, 2002
Posts: > 500
From: Stockholm/Sweden
PM, WWW
|
:D there too....
This message was posted from a Z1010 |
Dragonfly_TP
Joined: Aug 11, 2004
Posts: > 500
From: Belgium
PM |
This is just paranoid. You should never give any account details, passwords or creditcard details by mail. Als never post any personal info and other details in online forums. Speaking of being paranoid, google had become very powerful. Leaving any information on the internet and it might be found by a simple goooogle search!
Everything was ugly, but your beautiful face. |
Johnex
Joined: Nov 26, 2002
Posts: > 500
From: Stockholm/Sweden
PM, WWW
|
Yes, thats what i'm trying to point out.
This message was posted from a Z1010 |
|
|
Posted: 2004-10-08 23:58
ink p800:: 
urple t630:: 
