seems like the database wasn't actually 'compromised'.to say compromised would be an understatement,the whole database got jacked and its already on SALE in places like http://www.h4cky0u.org/forums/viewtopic.php?f=24&t=5176 ...so hell yeah its nothing serious,sarcastic indeed..its now definite that some people have been screwed and screwed really bad...u don't want people like some of those in that forum with your personal info,trust me or at worse for the thing to land on the hands of the M&R or some govt. highest bidder,if whoever did it did it just for the fun of it then that becomes a compromise but doing it so as to sell it is something worth to be concerned about..this is already a disaster happening...am also hearing that the database has been around for a while now,so this didn't just happen and in my own opinion the security alert at waffles would have been a little more strong worded,than what it was..

Well i dont care about my account info cuz i already take precautions at the begining:shifty: (but ppl should and will care!)
and i hope ppl wont meet with a policeman when tomorrow morning open their door...(especially staff members and top uploaders )
Then thanks to waffles and aint bithdtv had same fact one year ago?

I guess this is the chance that we all take being a art of these trackers. How dangerous is it?

Well, usernames and passwords are a given (and if you use the same ones on even 2 different sites, youre a fucking idiot). Then there are the logs possibly(?) Possible IP logs of activity on the site. I dont think thats too dangerous, since if people really wanted your IP they can get it.

but, life moves on and we continue to take our risks

we are damned!

Well, usernames and passwords are a given (and if you use the same ones on even 2 different sites, youre a fucking idiot).
DB Password won't get you very far, even if you use the same password everywhere, since they are md5 encrypted. If you can decrypt md5 strong passwords then i guess you won't be chasing the Waffles DB... ;)
So resetting the hash codes should solve just about every security issue there is.

IPs and statistics, i guess it might help to establish a warrant but it is entirely based on where you live. They might scare you off though.

My best guess is that except for the embarrassment to the site there is not much more that can happen... but that's just the optimistic me. :dabs:

Well, usernames and passwords are a given (and if you use the same ones on even 2 different sites, youre a fucking idiot).
DB Password won't get you very far, even if you use the same password everywhere, since they are md5 encrypted. If you can decrypt md5 strong passwords then i guess you won't be chasing the Waffles DB... ;)
So resetting the hash codes should solve just about every security issue there is.

IPs and statistics, i guess it might help to establish a warrant but it is entirely based on where you live. They might scare you off though.

My best guess is that except for the embarrassment to the site there is not much more that can happen... but that's just the optimistic me. :dabs:

Yeah, I understand the hashing and the salting of passwords. But if they are that secure why did Waffles advise changing them? Thats what I never understand. A trackers says "your passwords cannot be found becase they are hashed, but you should change them anyway" I find that comical.

Will waffles face the ghost of Oink?
i cannot imagine!

Will waffles face the ghost of Oink?
i cannot imagine!

Over a stolen database? no.

You like your site spread all over the net then join every site that doesn't now about security.Keep joining all the dick head sites.

DB Password won't get you very far, even if you use the same password everywhere, since they are md5 encrypted. If you can decrypt md5 strong passwords then i guess you won't be chasing the Waffles DB... ;)
So resetting the hash codes should solve just about every security issue there is.
...


Yeah, I understand the hashing and the salting of passwords. But if they are that secure why did Waffles advise changing them? Thats what I never understand. A trackers says "your passwords cannot be found becase they are hashed, but you should change them anyway" I find that comical.
Precaution never harmed anyone, that's the reason... Besides, if someone was going after an account it would be the admin's account and not yours.

Then there are the logs possibly(?) Possible IP logs of activity on the site. I dont think thats too dangerous, since if people really wanted your IP they can get it.


true mate,but u can imagine how hard a tracker tries to make sure that those people who want u don't get you,then something like this happens.especially with waffles being a music tracker i would imagine people like the RIAA would be very interested in those IPs..and if its an admin who did this,it kinda beats me as to why we wont REALLY name and shame,why protect such a person?has the admin been named yet? i may be wrong here but if there are no names yet i cant help but think that this may have been an anonymous hit from outside and people are just ashamed to admit that..

yeah.....what would they get from a nbankrupt bloke who can't ven pay for his own internet's avccount(NOT pointing to myself *hides*)

i tried deleting my acct ages ago...didn't work:fear:

true mate,but u can imagine how hard a tracker tries to make sure that those people who want u don't get you,then something like this happens.especially with waffles being a music tracker i would imagine people like the RIAA would be very interested in those IPs..and if its an admin who did this,it kinda beats me as to why we wont REALLY name and shame,why protect such a person?has the admin been named yet? i may be wrong here but if there are no names yet i cant help but think that this may have been an anonymous hit from outside and people are just ashamed to admit that..

Dont no the admins real name but his user name was nincb123

lol.... FAIL :P

What a turn of events in this exciting tale of deception. It's like a little soap opera on the internet, but more horrifying and with better acting.
We can all be expecting "MAKE UR LADY HAPY P3N1S BIGG3R" spam some time soon.

true mate,but u can imagine how hard a tracker tries to make sure that those people who want u don't get you,then something like this happens.especially with waffles being a music tracker i would imagine people like the RIAA would be very interested in those IPs..and if its an admin who did this,it kinda beats me as to why we wont REALLY name and shame,why protect such a person?has the admin been named yet? i may be wrong here but if there are no names yet i cant help but think that this may have been an anonymous hit from outside and people are just ashamed to admit that..

Dont no the admins real name but his user name was nincb123

yeah dude,seems like they decided to name him.interestingly same nick as on that site :)..i don't know if this is bad but he seems to be also selling the site's source code with some alleged interesting mods http://www.h4cky0u.org/forums/viewtopic.php?t=4899....thats basically a copy of the whole site in someone's PC,right?...kinda beats me though as to what info is exclusively for the sysOP and not some stranger whom u have never met but darn,running a tracker is a tough business and i can only sympathise when people get stabbed in the back like this....

ps:I think its high time for a waffles v2 with a new brighter source code =)

i tried deleting my acct ages ago...didn't work:fear:

same. Pmed and admin to get it deleted and nothing happened

BTW, the database is probably considered "old" by now. if its for sale, the chances are that the people who have it cannot get much useful out of it. With the big notices the staff are making about it, and if people are changing their email address or passwords, its not really going to be worth the money anyway.

/tinfoil hat
http://filesharingtalk.com/vb3/../images/smilies/fear.gif

haha its ironic i have an account at h4cky0u

Hey I just bought it. They gave me also a few ip's so im gonna call the fbi now

brb

how much is it ?

how much is it ?

donated to RIAA...

for a gathering of pirates, y'all are quite a paranoid bunch

Thankfully I'm behind nine proxies. You're not a true pirate if you're not behind at least seven proxies!

WHAT, So what..

im so scared!!!!!!!!














NOT!

Wow, that forum is a pretty big congregation of a-hole thieves and script-kiddies.

they are welcome to my account, maybe they will fix my ratio.

Who I am a little concerned for are the staff members and the major uploaders. Those are the people that could really get into some trouble.

Wow, that forum is a pretty big congregation of a-hole thieves and script-kiddies.

a-holes?NOoo!resourceful?YESsS!
So long as am not the victim(try checking out the privacy segment,interesting stuff there+ am loving the rapidshare premium generator :))
they are just like us ;)

LoL

LOL this is like on big advert for h4cky0u. there are probably going to be an influx of users on the site asking how to hack ftn so they can get an account ><