Important Security Reminder

The latest news and announcements about theHunter provided by the developers
User avatar
gas56
Outfitter
Posts: 4340
Joined: April 4th, 2014, 12:51 pm
Location: Ohio
Contact:

Re: Important Security Reminder

Post by gas56 »

Graidlyz wrote:
gas56 wrote:
Fletchette wrote: And passwords ARE NOT STORED IN COOKIES.
The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.

Cookies don't lead where the password is, they allow you to log into an account, but don't give you any password.
Read both articles above
User avatar
caledonianblues
Master Hunter
Posts: 9725
Joined: September 27th, 2012, 11:01 pm
Location: London, UK
Contact:

Re: Important Security Reminder

Post by caledonianblues »

gas56 wrote:Why don't you read both articles above.
If the military taught me one thing it was to keep my mouth shut about security matters.
So I think that is what I will do now, if you want to learn, it won't be from me making mistakes, good luck.
I removed the links. Please refrain in future from sharing such information. By the way the first article referenced archaic methods that no hackers use in this day and age, nor would they yield any success with any modern web application. The article was at least 6 or 7 years old. Web applications have moved on leaps and bounds since then, and I can assure you such techniques would not work on theHunter.

To conclude, the advice being given is to change your passwords regularly and avoid using the same passwords for numerous sites. Use strong passwords and, where possible, avoid dictionary words. Deleting cookies will not stop someone from accessing your online accounts, or improve your online security one iota. Cookies do not store sensitive information (or paths to sensitive information).

Everyone is welcome to their own opinion, but in a topic like this, please let's stick to facts to avoid confusing users. Thank you.
User avatar
TheSheWolf
Hunter
Posts: 935
Joined: April 28th, 2010, 9:48 am
Contact:

Re: Important Security Reminder

Post by TheSheWolf »

Strange, why bother hacking a bunch of accounts on this game? It's not like you can transfer anything back and forth :S Thanks for the heads-up, though!
User avatar
gas56
Outfitter
Posts: 4340
Joined: April 4th, 2014, 12:51 pm
Location: Ohio
Contact:

Re: Important Security Reminder

Post by gas56 »

caledonianblues wrote:
gas56 wrote:Why don't you read both articles above.
If the military taught me one thing it was to keep my mouth shut about security matters.
So I think that is what I will do now, if you want to learn, it won't be from me making mistakes, good luck.
I removed the links. Please refrain in future from sharing such information. By the way the first article referenced archaic methods that no hackers use in this day and age, nor would they yield any success with any modern web application. The article was at least 6 or 7 years old. Web applications have moved on leaps and bounds since then, and I can assure you such techniques would not work on theHunter.

To conclude, the advice being given is to change your passwords regularly and avoid using the same passwords for numerous sites. Use strong passwords and, where possible, avoid dictionary words. Deleting cookies will not stop someone from accessing your online accounts, or improve your online security one iota. Cookies do not store sensitive information (or paths to sensitive information).

Everyone is welcome to their own opinion, but in a topic like this, please let's stick to facts to avoid confusing users. Thank you.
So I guess what you are saying is neither articles were based on facts and could never be a threat.
I wouldn't tell anybody either. ;)
Last edited by gas56 on November 3rd, 2017, 7:47 pm, edited 1 time in total.
User avatar
Fletchette
Trophy Hunter
Posts: 7317
Joined: September 10th, 2013, 8:30 pm
Location: Missouri, USA
Contact:

Re: Important Security Reminder

Post by Fletchette »

gas56 wrote:
Fletchette wrote: And passwords ARE NOT STORED IN COOKIES.
The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.
You obviously didn't read or understand those articles. In the first, the password was NOT in the cookie, nor did it lead to the path where the password is. It's a simple redirection hack where getting the victim to click on a link directs him to another site, which then redirects him to Yahoo. In the process the "hacker" grabbed the session token and could go to the Yahoo account WITHOUT the password. The "victim's" Yahoo account was specifically targeted, otherwise this wouldn't work, and it's the SESSION cookie that is used. These ARE NOT the cookies you are deleting when you delete cookies in your browser. You'll notice that the "hack" happened LIVE when the victim was actually logging into his account, not after. The session token was grabbed in real-time, not pulled from his system afterward. Finally, the session cookie MUST exist, otherwise you couldn't use YAHOO. The "hack" was getting the "victim" to click on that fake link that then took him to his Yahoo account. This isn't really even a "hack", but rather a Phishing attack.

The second article didn't actually say or explain anything, and can basically me summed up with, "use strong passwords".

You'll notice that neither article said anything about logging out of websites, or deleting cookies to protect yourself. Why? Because it doesn't matter. In fact, the first article specifically stated that the victim logging out WOULD NOT log out the attacker.

So again, you do whatever nonsense you want, just don't spread the nonsense.
Personal Bests...
Image
Image
User avatar
gas56
Outfitter
Posts: 4340
Joined: April 4th, 2014, 12:51 pm
Location: Ohio
Contact:

Re: Important Security Reminder

Post by gas56 »

Fletchette wrote:
gas56 wrote:
Fletchette wrote: And passwords ARE NOT STORED IN COOKIES.
The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.
You obviously didn't read or understand those articles.
What articles are you talking about???................... :lol:
Last edited by gas56 on November 3rd, 2017, 8:00 pm, edited 3 times in total.
User avatar
Mills
Outfitter
Posts: 1648
Joined: January 1st, 2009, 5:01 pm
Location: Whispering Woods
Contact:

Re: Important Security Reminder

Post by Mills »

Image
User avatar
gas56
Outfitter
Posts: 4340
Joined: April 4th, 2014, 12:51 pm
Location: Ohio
Contact:

Re: Important Security Reminder

Post by gas56 »

Mills wrote:Image
very funny! lol

THE END
User avatar
Seifer
Hunter
Posts: 650
Joined: February 15th, 2014, 6:33 pm
Location: San Antonio, Texas
Contact:

Re: Important Security Reminder

Post by Seifer »

The following link is another screen that I see every time that I log in. It says "You exceeded the maximum # of log in attempts. In addition to your username and password you now also have to solve the CAPTCHA below." Just wondering if anyone else has been having this problem?

https://s1.postimg.org/5w5ymo6pcf/Hunter-0001.png
Spoiler:


Don't mind me, I'm just thinking out loud ;) Mike (Seifer210) ♉
User avatar
Graidlyz
Spotter
Posts: 55
Joined: October 27th, 2015, 10:22 am
Location: France
Contact:

Re: Important Security Reminder

Post by Graidlyz »

Seifer wrote:The following link is another screen that I see every time that I log in. It says "You exceeded the maximum # of log in attempts. In addition to your username and password you now also have to solve the CAPTCHA below." Just wondering if anyone else has been having this problem?

https://s1.postimg.org/5w5ymo6pcf/Hunter-0001.png
I do have it all the time as well

By the way it's pointless since the answer is always the same





gas56 wrote:
Graidlyz wrote:
gas56 wrote:
The path leads to where the password is.

Something you need to read and learn about hackers/crackers and where vulnerabilities are.
Here are 2 articles that explain it.

Cookies don't lead where the password is, they allow you to log into an account, but don't give you any password.
Read both articles above


What articles are you talking about???................... :lol:
Last edited by Graidlyz on November 3rd, 2017, 8:23 pm, edited 1 time in total.
Post Reply

Return to “Latest News & Announcements”

Who is online

Users browsing this forum: No registered users and 1 guest