We were not hacked, read the latest news for information on what caused this.
Printable View
We were not hacked, read the latest news for information on what caused this.
Do you really store passwords in plain text?! I'm not on RTS. But it would really interest me, as I would NEVER EVER register with a site where I know the passwords will be saved as plain text in the database isntead of using a hash.Quote:
Originally Posted by RTS
We may of had some ddos attacks, but this does not mean our servers security isnt very very secure. And no, of course we do not keep it in plain text, it is encrypted, just to satisfy your interest.Quote:
Originally Posted by bledDo you really store passwords in plain text?! I'm not on RTS. But it would really interest me, as I would NEVER EVER register with a site where I know the passwords will be saved as plain text in the database isntead of using a hash.Quote:
Originally Posted by RTS
ahwell its happened to other sites before, and it will happen again.
Cough * SCT *
god damn mother fucking script kities
I think IRC passwords (for torrent sites) are stored in plain-text, that's why they ask you to use a different password for your account. I think account passwords are encrypted with MD5 or SHA1.Quote:
Originally Posted by bledDo you really store passwords in plain text?! I'm not on RTS. But it would really interest me, as I would NEVER EVER register with a site where I know the passwords will be saved as plain text in the database isntead of using a hash.Quote:
Originally Posted by RTS
I am still wondering why there were 2 notifications sent out. The first one was the one in this thread and there was another one that referenced the possibility of passwords and being accessed? hmmmmmmmmmmmm
Even on their own site there was 2 differant posts..Quote:
Originally Posted by SHUVT
The news early yesterday afternoon said the site was hacked. Then a few hrs later they changed it to say it was a "script" error.
Which one was it or was it a combination of both?
Also I know before when I tested your site when it was originally first opened your passwords were in plain text form. (Noticed when one of your staff asked me to test a few pages for injections. Reason I acctually deleted my own account when I saw that.) Perhaps you changed them to be encrypted since then who knows.
Yes, the first notification by PM that our site was hacked, is false - this was not what caused the problem. Also users passwords were never in plain text form, they have always been encrypted.Quote:
Originally Posted by MelvinmeowEven on their own site there was 2 differant posts..Quote:
Originally Posted by SHUVT
The news early yesterday afternoon said the site was hacked. Then a few hrs later they changed it to say it was a "script" error.
Which one was it or was it a combination of both?
Also I know before when I tested your site when it was originally first opened your passwords were in plain text form. (Noticed when one of your staff asked me to test a few pages for injections. Reason I acctually deleted my own account when I saw that.) Perhaps you changed them to be encrypted since then who knows.
yea...its the script that caused the damage....not hackers or shit....