Official Everybody Edits Forums

Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?

You are not logged in.

#26 2019-07-24 18:55:56, last edited by icepegasus (2019-07-24 19:00:02)

icepegasus
Member
Joined: 2015-08-21
Posts: 86

Re: Thank you for safe, EE Staff!

peace wrote:

if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

Hashed passwords are not impossible to crack, As a matter of fact it isn't even that hard to crack a hashed password.


user.php?id=icepegasus

Offline

#27 2019-07-24 18:57:24

ZeldaXD
EE Homeboy
From: Cyprus
Joined: 2015-02-15
Posts: 1,539
Website

Re: Thank you for safe, EE Staff!

peace wrote:
Gosha wrote:
peace wrote:
Growler wrote:

it has been speculated that there was a keylogger or bad freegame.swf that can get your account details if you type it in

Growler wrote:

It's impossible for this to be part of PlayerIO's fault as they hash any password. Nobody can get them, even the hard way so if anything,

??????

What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.

if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

PlayerIO is not at fault for this leak


gLjTZE1.png

Offline

#28 2019-07-24 20:03:06

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Thank you for safe, EE Staff!

ZeldaXD wrote:
peace wrote:
Gosha wrote:
peace wrote:
Growler wrote:

it has been speculated that there was a keylogger or bad freegame.swf that can get your account details if you type it in

Growler wrote:

It's impossible for this to be part of PlayerIO's fault as they hash any password. Nobody can get them, even the hard way so if anything,

??????

What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.

if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

PlayerIO is not at fault for this leak

but how can ahshed passwords be readable then?


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#29 2019-07-24 21:35:43

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: Thank you for safe, EE Staff!

peace wrote:
ZeldaXD wrote:
peace wrote:
Gosha wrote:
peace wrote:

??????

What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.

if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

PlayerIO is not at fault for this leak

but how can ahshed passwords be readable then?

Use your logic.
You enter password in game -> it goes to pio -> pio converts it to lowercase, hashes it and stores.
If you somehow get hashed passwords and try to unhash them - you would get lowercase passwords.
It means there is something wrong in the first step
Enter password it game -> it goes to bad guys because of bad security of the game

Playerio is not the one whom you should blame

Offline

#30 2019-07-24 21:51:02

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Thank you for safe, EE Staff!

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#31 2019-07-24 22:21:05

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: Thank you for safe, EE Staff!

peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

O my God.
Hackers hacked the badly designed game, not playerio database. That's all you need to know

Offline

Wooted by:

#32 2019-07-25 03:26:25

Pqwerty
Member
From: 'Murica
Joined: 2015-10-09
Posts: 1,997

Re: Thank you for safe, EE Staff!

peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

Offline

#33 2019-07-25 10:01:10

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Thank you for safe, EE Staff!

Pqwerty wrote:
peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

ah this makes more sense


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

Wooted by:

#34 2019-07-25 17:39:48

capasha
Member
Joined: 2015-02-21
Posts: 4,066

Re: Thank you for safe, EE Staff!

Pqwerty wrote:
peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?

Offline

#35 2019-07-25 17:47:55

icepegasus
Member
Joined: 2015-08-21
Posts: 86

Re: Thank you for safe, EE Staff!

capasha wrote:
Pqwerty wrote:
peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?

Yes, that's what I said on xeno's thread about this breach. It doesn't make sense


user.php?id=icepegasus

Offline

#36 2019-07-25 19:56:09

Anatoly
Guest

Re: Thank you for safe, EE Staff!

Hello, this debate went pretty hot so i’d think I join. Not chasing any side because I need PROVES.

Yes, we can discuss whatever we want, but I need to know if the following are true:

1) PlayerIO hashes passwords, right? Can the hashes be stolen?
2) How did it came, that only accounts who logged in, in a specific period of time, are stolen? Does EE kind of save the password temporary or what?
3) Gosha: can you tell more about how xenonetix managed the game? Is I confirmed that only one person worked on eeu?
4) what is eeu’s current dev stage?

Also, not my job, but stay on topic: EEs security, not EEUs progress //ee.failforums.me/img/smilies/wink

#37 2019-07-25 20:20:54

Pqwerty
Member
From: 'Murica
Joined: 2015-10-09
Posts: 1,997

Re: Thank you for safe, EE Staff!

icepegasus wrote:
capasha wrote:
Pqwerty wrote:
peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?

Yes, that's what I said on xeno's thread about this breach. It doesn't make sense

Aren't all the leaked passwords case-sensitive, though?

Offline

#38 2019-07-25 21:29:22

icepegasus
Member
Joined: 2015-08-21
Posts: 86

Re: Thank you for safe, EE Staff!

Anatoly wrote:

4) what is eeu’s current dev stage?

Also, not my job, but stay on topic: EEs security, not EEUs progress //ee.failforums.me/img/smilies/wink

That's a little hypocritical comment, don't you think?


user.php?id=icepegasus

Offline

Wooted by:

rat

#39 2019-07-25 22:12:50

Pqwerty
Member
From: 'Murica
Joined: 2015-10-09
Posts: 1,997

Re: Thank you for safe, EE Staff!

Anatoly wrote:

1) PlayerIO hashes passwords, right? Can the hashes be stolen?

The hashes would have to be stolen from Player.IO, but yes I think they could be stolen if Player.IO got hacked.

Anatoly wrote:

4) what is eeu’s current dev stage?

alpha

(I don't have enough technical background to answer # 2, and I'm not Gosha so I can't answer # 3)

Offline

#40 2019-07-25 23:39:01, last edited by Gosha (2019-07-25 23:39:51)

Gosha
Member
From: Russia
Joined: 2015-03-15
Posts: 6,202

Re: Thank you for safe, EE Staff!

Anatoly wrote:

Gosha: can you tell more about how xenonetix managed the game

No

Anatoly wrote:

Is I confirmed that only one person worked on eeu?

Are you confirmed?

Yes, only one person worked on eeu until the middle of January

Offline

#41 2019-07-26 00:30:53

mrjawapa
Corn Man 🌽
From: Ohio, USA
Joined: 2015-02-15
Posts: 5,840
Website

Re: Thank you for safe, EE Staff!

How many people here think they know what they're talking about, but really have no idea?


Discord: jawp#5123

Offline

Wooted by: (2)

#42 2019-07-26 02:41:25

Kira
Member
Joined: 2019-04-22
Posts: 1,337

Re: Thank you for safe, EE Staff!

mrjawapa wrote:

How many people here think they know what they're talking about, but really have no idea?

This is how every forum debates ends. You have some interesting points thrown out here and there and poof, the great minds such as Anatoly, Peace joins for an ultimate ****.

Offline

#43 2019-07-26 09:27:43, last edited by peace (2019-07-26 09:29:01)

peace
Member
From: admin land
Joined: 2015-08-10
Posts: 9,226

Re: Thank you for safe, EE Staff!

Anatoly wrote:

1) PlayerIO hashes passwords, right? Can the hashes be stolen?      idk
2) How did it came, that only accounts who logged in, in a specific period of time, are stolen? Does EE kind of save the password temporary or what?         from whatpqwerty said the passwords were send to the hacker sbeofre they were send to PIO (who then hashe sthem)
3) Gosha: can you tell more about how xenonetix managed the game? Is I confirmed that only one person worked on eeu?                              we have now i belive 2+xeno workign on EEU luke  and byte and i belle cercul1 for EEO han gon a second afeter i poste dthis ill check the fourm userlist woops forgot about koya and kenitya our ghrapics desingers i think they work on EEU too 
4) what is eeu’s current dev stage?                                its still in alpha but its almost ready for closedbeta a few weeks left i guess


peace.png

thanks hg for making this much better and ty for my avatar aswell

Offline

#44 2019-07-26 10:34:47

Mariomaster
Member
Joined: 2018-07-04
Posts: 48

Re: Thank you for safe, EE Staff!

Finally, can't wait for closed beta, I've been forced to go to EE Kong for my fix!

Offline

#45 2019-08-02 20:07:00

daneeko
Member
From: EE Universe
Joined: 2015-02-20
Posts: 2,245

Re: Thank you for safe, EE Staff!

so im still confused, how did some people not get hacked? is it because they didnt log in at a specific period of time? if so, it makes sense why i didnt get breached lol


UzI5nBc.png

Offline

#46 2019-08-03 10:23:40, last edited by Zumza (2019-08-03 10:24:00)

Zumza
Member
From: root
Joined: 2015-02-17
Posts: 4,641

Re: Thank you for safe, EE Staff!

@Pqwerty

There was a Twitter post, but they deleted it in a very short time.
They also disabled email notification on the blog post regarding the breach.

They wanted to cover it up as much as they could had.

Xenonetix turned not EE, not EEU, but "waiting for EEU" into his business plan.


Everybody edits, but some edit more than others

Offline

#47 2019-08-03 17:08:12

LIATRI42
Banned
From: Moscow
Joined: 2019-07-20
Posts: 41

Re: Thank you for safe, EE Staff!

@Zumza
Maybe because they wanted to stay positive and do not make panic, taking the situation under their control?

Offline

#48 2019-08-03 17:43:36

capasha
Member
Joined: 2015-02-21
Posts: 4,066

Re: Thank you for safe, EE Staff!

Plesnuik wrote:

@Zumza
Maybe because they wanted to stay positive and do not make panic, taking the situation under their control?

I have never seen a company that got hacked have got silent about it. Maybe only you and xenonetix company.

Offline

#49 2019-08-03 19:22:41

LIATRI42
Banned
From: Moscow
Joined: 2019-07-20
Posts: 41

Re: Thank you for safe, EE Staff!

capasha wrote:

I have never seen a company that got hacked have got silent about it. Maybe only you and xenonetix company.

Im not a company. Chris Lamb doesn't have a company. People put pressure on Xenonetix and give him extra stress, so in order to avoid ridicule and criticism, he decided not to cause a panic. (My personal opinion).
Think that the topic in the forum is quite enough, because who needs join the notepad and look for someone’s account. This happened to me because I created a post earlier that made some guy find me in the sheet and log into my accounts. You make an elephant out of a fly

Offline

LIATRI421564856561757708

Board footer

Powered by FluxBB

[ Started around 1711622546.2396 - Generated in 0.087 seconds, 13 queries executed - Memory usage: 1.84 MiB (Peak: 2.11 MiB) ]