After HDBits.org and Bit-HDTV databases were stolen, i'm thinking about general security on private trackers...because i don't wanna change all my passwords each week :D

According to you, is it possible that all private trackers are hacked easily ?

Which one are reliable, with a staff that has nothing "more interesting to do"...

Thanks

I think those sites are rather noobish. Most large, and well thought after sites will be difficult to hack.

They are all risky. no need to chage your password each week just use a different one for each tracker, or use a program that keeps track of them for you (not as safe). But never ever ever use the same password end of story.

Just don't use crap sites... like RTS, HDBits, and Bit-HDTV... and if you have to make sure you have different P/Ws everywhere.

Though you should do that anyway.

Most browsers will auto store your passwords, and firefox will even show your password for each site you use one.

You should use a unique password for each site regardless, because as a member, you have no idea how your password is stored. If a site admin say that passwords are hashed, what proof do you have?

They are all risky. no need to chage your password each week just use a different one for each tracker, or use a program that keeps track of them for you (not as safe). But never ever ever use the same password end of story.
yup i do use random pass on all sites

Just don't use crap sites... like RTS, HDBits, and Bit-HDTV... and if you have to make sure you have different P/Ws everywhere.

Though you should do that anyway.

Who are u, sistah?

I'd like some rape sauce on my chilli fries and my bitches, please

Just don't use crap sites... like RTS, HDBits, and Bit-HDTV... and if you have to make sure you have different P/Ws everywhere.

Though you should do that anyway.

Who are u, sistah?

I'd like some rape sauce on my chilli fries and my bitches, please


can i have some of what you're smoking please? :blink: :whistling

There will always be a few members of a tracker who will face consequences because of the site's security issues. In the BiT-HDTV forums for example I read about someone loosing access to an oink account.

Every single step you take on the internet is a risk for you, the very first is connecting to it. Of course you can (and should) take precautions so you won't fall prey to those people who use security leaks for their own enrichment but they can only do that if they have enough data to work with. The safest way to use multiple trackers are unique usernames, unique passwords AND unique mail addresses. The first two are easy to do if somewhat harder to remember, different mail addresses can be a challenge. But even that can be done with a minimum of work: I use those disposable yahoo mail addresses you can set up for yourself in a minute and it all works with one main yahoo-account. What is left for the attacker to link accounts together are the mere IP addresses and that shouldn't bother you, aside from the fact that those IPs are saved at all.

So you see, what you as a user can do is very limited, reasonably easy but also very effective. The big task has always been with those people who store the information and provide the tracker interface. Those scripts are not perfect and they can be exploited as has been seen in the past and as everyone can see in the right forums. Some staff and admins do care about this and others don't but how do you discern between those groups? You can't help but blindly trust them until they make mistakes.

=]

I strongly recommend to install roboform with firefox extension and different password for each site, preferably generated from roboform's utility "password generator" with more than 10 characters.

Also better don't use the built-in password manager of IE & firefox.

Nothing in the internet is totally secured.It's up to you to secure your existance and then you can feel more safe (but never totally safe).Every code that looks secured today may be unsecured in a few hours so you never be sure.Random and different password in every tracker is a good start.

No, its not risky at all :D

after what happened i guess that all trackers well have new privacy policy

all private sites are risky.. but i think you can use it and don't care about problems..
just use different passwords..

Just use a different password at all your private trackers and you'll be fine.

Might be a good idea to have, in parallel to the WIAW ratings, a shit list of known sites where they compromise your identity, such as storing passwords as plain text.

If a budding community were aware that they, if they are caught using plain text passwords, would be placed in the shit list, would ensure that such a practice wasn't practised.

If we are aware of places that disrespect their members, then maybe it is our (FST) duty to alert as many people as possible that a community tracker is abusing the trust shown by their members. After all, we know that stock TB script does NOT store passwords as plaintext, so there can only be one excuse to store them as plain text, and that is to harvest passwords to steal accounts at other trackers.

Do we really want such scum represented here? Should we not warn others of the scum that store passwords as plain text?

I'd be interested in what the management think about having a shit list. I think it may prove a worthwhile addition to the bit torrent section of FST.

Opinions.