Important Security Reminder

The latest news and announcements about theHunter provided by the developers
User avatar
gas56
Outfitter
Posts: 3364
Joined: April 4th, 2014, 12:51 pm

Re: Important Security Reminder

Postby gas56 » November 3rd, 2017, 7:08 pm

Graidlyz wrote:
gas56 wrote:
Fletchette wrote:And passwords ARE NOT STORED IN COOKIES.


The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.



Cookies don't lead where the password is, they allow you to log into an account, but don't give you any password.

Read both articles above
User avatar
caledonianblues
Moderator
Moderator
Posts: 8181
Joined: September 27th, 2012, 11:01 pm
Location: Stockholm, Sweden

Re: Important Security Reminder

Postby caledonianblues » November 3rd, 2017, 7:25 pm

gas56 wrote:Why don't you read both articles above.
If the military taught me one thing it was to keep my mouth shut about security matters.
So I think that is what I will do now, if you want to learn, it won't be from me making mistakes, good luck.

I removed the links. Please refrain in future from sharing such information. By the way the first article referenced archaic methods that no hackers use in this day and age, nor would they yield any success with any modern web application. The article was at least 6 or 7 years old. Web applications have moved on leaps and bounds since then, and I can assure you such techniques would not work on theHunter.

To conclude, the advice being given is to change your passwords regularly and avoid using the same passwords for numerous sites. Use strong passwords and, where possible, avoid dictionary words. Deleting cookies will not stop someone from accessing your online accounts, or improve your online security one iota. Cookies do not store sensitive information (or paths to sensitive information).

Everyone is welcome to their own opinion, but in a topic like this, please let's stick to facts to avoid confusing users. Thank you.
UHC Apps | UHC Stats | My PC Specs
Host your own competition, or get your geek on with stats.
User avatar
TheSheWolf
Scout
Posts: 368
Joined: April 28th, 2010, 9:48 am

Re: Important Security Reminder

Postby TheSheWolf » November 3rd, 2017, 7:41 pm

Strange, why bother hacking a bunch of accounts on this game? It's not like you can transfer anything back and forth :S Thanks for the heads-up, though!
User avatar
gas56
Outfitter
Posts: 3364
Joined: April 4th, 2014, 12:51 pm

Re: Important Security Reminder

Postby gas56 » November 3rd, 2017, 7:44 pm

caledonianblues wrote:
gas56 wrote:Why don't you read both articles above.
If the military taught me one thing it was to keep my mouth shut about security matters.
So I think that is what I will do now, if you want to learn, it won't be from me making mistakes, good luck.

I removed the links. Please refrain in future from sharing such information. By the way the first article referenced archaic methods that no hackers use in this day and age, nor would they yield any success with any modern web application. The article was at least 6 or 7 years old. Web applications have moved on leaps and bounds since then, and I can assure you such techniques would not work on theHunter.

To conclude, the advice being given is to change your passwords regularly and avoid using the same passwords for numerous sites. Use strong passwords and, where possible, avoid dictionary words. Deleting cookies will not stop someone from accessing your online accounts, or improve your online security one iota. Cookies do not store sensitive information (or paths to sensitive information).

Everyone is welcome to their own opinion, but in a topic like this, please let's stick to facts to avoid confusing users. Thank you.

So I guess what you are saying is neither articles were based on facts and could never be a threat.
I wouldn't tell anybody either. ;)
Last edited by gas56 on November 3rd, 2017, 7:47 pm, edited 1 time in total.
User avatar
Fletchette
Trophy Hunter
Posts: 6658
Joined: September 10th, 2013, 8:30 pm
Location: Missouri, USA

Re: Important Security Reminder

Postby Fletchette » November 3rd, 2017, 7:46 pm

gas56 wrote:
Fletchette wrote:And passwords ARE NOT STORED IN COOKIES.


The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.

You obviously didn't read or understand those articles. In the first, the password was NOT in the cookie, nor did it lead to the path where the password is. It's a simple redirection hack where getting the victim to click on a link directs him to another site, which then redirects him to Yahoo. In the process the "hacker" grabbed the session token and could go to the Yahoo account WITHOUT the password. The "victim's" Yahoo account was specifically targeted, otherwise this wouldn't work, and it's the SESSION cookie that is used. These ARE NOT the cookies you are deleting when you delete cookies in your browser. You'll notice that the "hack" happened LIVE when the victim was actually logging into his account, not after. The session token was grabbed in real-time, not pulled from his system afterward. Finally, the session cookie MUST exist, otherwise you couldn't use YAHOO. The "hack" was getting the "victim" to click on that fake link that then took him to his Yahoo account. This isn't really even a "hack", but rather a Phishing attack.

The second article didn't actually say or explain anything, and can basically me summed up with, "use strong passwords".

You'll notice that neither article said anything about logging out of websites, or deleting cookies to protect yourself. Why? Because it doesn't matter. In fact, the first article specifically stated that the victim logging out WOULD NOT log out the attacker.

So again, you do whatever nonsense you want, just don't spread the nonsense.
Personal Bests...
Image
Image
User avatar
gas56
Outfitter
Posts: 3364
Joined: April 4th, 2014, 12:51 pm

Re: Important Security Reminder

Postby gas56 » November 3rd, 2017, 7:55 pm

Fletchette wrote:
gas56 wrote:
Fletchette wrote:And passwords ARE NOT STORED IN COOKIES.


The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.

You obviously didn't read or understand those articles.


What articles are you talking about???................... :lol:
Last edited by gas56 on November 3rd, 2017, 8:00 pm, edited 3 times in total.
User avatar
Mills
Outfitter
Posts: 1479
Joined: January 1st, 2009, 5:01 pm
Location: Samskanchewan

Re: Important Security Reminder

Postby Mills » November 3rd, 2017, 7:58 pm

Image
User avatar
gas56
Outfitter
Posts: 3364
Joined: April 4th, 2014, 12:51 pm

Re: Important Security Reminder

Postby gas56 » November 3rd, 2017, 8:08 pm

Mills wrote:Image


very funny! lol

THE END
User avatar
Seifer
Spotter
Posts: 91
Joined: February 15th, 2014, 6:33 pm
Location: San Antonio, Texas

Re: Important Security Reminder

Postby Seifer » November 3rd, 2017, 8:16 pm

The following link is another screen that I see every time that I log in. It says "You exceeded the maximum # of log in attempts. In addition to your username and password you now also have to solve the CAPTCHA below." Just wondering if anyone else has been having this problem?

https://s1.postimg.org/5w5ymo6pcf/Hunter-0001.png


So much hunting to do, so little time.
User avatar
Graidlyz
Spotter
Posts: 55
Joined: October 27th, 2015, 10:22 am
Location: France

Re: Important Security Reminder

Postby Graidlyz » November 3rd, 2017, 8:18 pm

Seifer wrote:The following link is another screen that I see every time that I log in. It says "You exceeded the maximum # of log in attempts. In addition to your username and password you now also have to solve the CAPTCHA below." Just wondering if anyone else has been having this problem?

https://s1.postimg.org/5w5ymo6pcf/Hunter-0001.png


I do have it all the time as well

By the way it's pointless since the answer is always the same






gas56 wrote:
Graidlyz wrote:
gas56 wrote:
The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.



Cookies don't lead where the password is, they allow you to log into an account, but don't give you any password.

Read both articles above




What articles are you talking about???................... :lol:
Last edited by Graidlyz on November 3rd, 2017, 8:23 pm, edited 1 time in total.

Return to “Latest News & Announcements”

Who is online

Users browsing this forum: lowby, nomad, TheSpecter and 1 guest