
Rooster Teeth hacked, Usernames, Passwords, Emails potentially stolen

Aselith

Member
The timing is too coincidental and this almost has to be because of the Fallout 4 Fiasco. I did have an account there but I haven't logged in for 7 years on an old E-mail account so I almost don't care that it's out there now.

The controversy may have drawn their site more unwanted attention than it would normally get which may have drawn a hacker to take a look at their security but that doesn't mean it's ABOUT Fallout.

Think of it like this: I'm passing by your house not noticing anything when I hear you shout "Screw Donald Trump!" Now if I glance toward the shout and notice your door is open and come in and rob you, was the robbery BECAUSE of the derision you showed Donald Trump or was it because you made me notice you by shouting?

The idea that someone would hack them to stick up for Gerstmann when he already dealt with them seems kind of insane.

I suppose it could be about ethics in shilling though.
 

Sojgat

Member
I give Rooster Teeth's security a 3/5

You are not special for rating their security so low

He did it for the clicks.

 

GavinGT

Banned
The idea that Jeff even needs someone to defend him against the ramblings of an underwear model is just silly to me.
 
It's a shitty thing to happen regardless, but was it really an overzealous fan? That'd be a pretty bad look.

Websites get hacked all the time. I'd say it's probably a coincidence.

Or maybe some random hacker kid saw RT pop up on reddit or GAF or something and decided to poke at their website and found they had everyone's info as clear as day.



GB has had people shit on before. The GB community normally just yell at people over social media when that happens.
 

DeepEnigma

Gold Member
What? I wasn't implying that GB fans did this. Just that the gifs were silly.

The fact that you lump everyone with access to the internet and gifs into one group (in this case GB fans), makes me laugh at your digging social stance in the other thread.

You have an angle. Your transparency is showing. ;)
 

Seventy70

Member
The fact that you lump everyone with access to the internet and gifs into one group (in this case GB fans), makes me laugh at your digging social stance in the other thread.

You have an angle. Your transparency is showing. ;)

Dr. Tracksuit stole his cheese crackers when he was a kid.

I bet he's a Yoshi fan that can't take a joke.
 

Joey Ravn

Banned
It's funny (sad) how some people are more willing to believe that this was the work of some disgruntled GB fans than to admit that Rooster Teeth was shilling for Bethesda.

Well done Internet and gaming community. Add this to the list of why gaming culture is sad

Case in point. Do you have any proof that this was done by "the gaming community"? Websites are breached every single day. Yet you choose to assume that, again, this is the work of some angry fans... Not to mention that RT did virtually nothing to protect their users from this sort of stuff.
 

DeepEnigma

Gold Member
It's funny (sad) how some people are more willing to believe that this was the work of some disgruntled GB fans than to admit that Rooster Teeth was shilling for Bethesda.

Case in point. Do you have any proof that this was done by "the gaming community"? Websites are breached every single day. Yet you choose to assume that, again, this is the work of some angry fans... Not to mention that RT did virtually nothing to protect their users from this sort of stuff.

Very true. Lizard or Anon have been known to attack shilling sites, etc.

*puts on tin foil hat*

What if this was some elaborate ruse by RT. To divert the nasty attention they were receiving, hoping to gain sympathy for some of the gamers that down voted them the past two days, for their stupid, almost slanderous comments?

*takes hat off*

Whoa!
 

RiccochetJ

Gold Member
Very true. Lizard or Anon have been known to attack shilling sites, etc.

*puts on tin foil hat*

What if this was some elaborate ruse by RT. To divert the nasty attention they were receiving, hoping to gain sympathy for some of the gamers that down voted them the past two days, for their stupid, almost slanderous comments?

*takes hat off*

Whoa!

Hehe. Well I suppose your conspiracy theory has about as much validity as it being some disgruntled GB fan.
 
I only learned of the existence of rooster teeth yesterday. Now I learn that a person can have an account there!!?

So, can Jeff Gerstmann account for his whereabouts over the last 12 hours??!!

(And quit bitching about the reasons - or not - for the hack. They stored user details in plaintext. It's 2015.)
 

Durden77

Member
If this is related to the Gerstmann stuff, I'm sure he's not happy about it at all.

Dude's such a threat that he makes other people a threat by just living life.
 

NewDust

Member
Perhaps I should preemptively change my GB password, for the chance someone actually believes this hack was in response of, and tries to hack them back.
 
Anyone who finds themselves changing passwords all over the place today, seriously look at something like KeePass. It will take a load off your mind the next time this happens. It turns a huge pain in the ass to a 2 minute single password reset.
 

Myggen

Member
Then I retract my comment.

So they've been successfully hacked twice in 2 years? Fine work.

Yeah, for sure. I remember the hack in 2013 being a big deal, so it's crazy that it happened again. If the passwords are hashed properly there's no way a hacker can view them, right?
 

Par Score

Member
The exact same thing happened to RT in 2013, and back then their "Director of Technology" said "It's actually encrypted passwords -- Please retire that password. They are heavily salted."
This really does suck. Saw the news on reddit and moved to reset my password on their site.

That said, I don't think that the passwords were in plaintext guys. This is what Adam Baird (Rooster Teeth's Director of Technology) said when they were hit back in 2013 "It's actually encrypted passwords -- Please retire that password. They are heavily salted.". He then goes on to elaborate down the thread that ever since they moved to their new site passwords have been hashed.

Oh, so maybe they don't suck quite so much at security and instead just have incredibly shitty PR?

That's not so bad, though with things like these you need to present all of the information available as plainly as possible so your users know what actions to take (and so you don't look like morons).

I mean "Based on what we know, your username, password and email address may have been viewed" is ambiguous for sure, but it's ambiguous on the side of plaintext, which would be a horrific admission.
 

Myggen

Member
Oh, so maybe they don't suck quite so much at security and instead just have incredibly shitty PR?

That's not so bad, though with things like these you need to present all of the information available as plainly as possible so your users know what actions to take (and so you don't look like morons).

I mean "Based on what we know, your username, password and email address may have been viewed" is ambiguous for sure, but it's ambiguous on the side of plaintext, which would be a horrific admission.

If there were "proper hashes" in place like that guy said, is there any way that a hacker can be able to view those passwords? I thought that was the whole point.
 
Oh, so maybe they don't suck quite so much at security and instead just have incredibly shitty PR?

That's not so bad, though with things like these you need to present all of the information available as plainly as possible so your users know what actions to take (and so you don't look like morons).

I mean "Based on what we know, your username, password and email address may have been viewed" is ambiguous for sure, but it's ambiguous on the side of plaintext, which would be a horrific admission.
Pretty much. It really is weird, Rooster Teeth is usually great when it comes to PR and at being open to their community in general, but for some reason they completely shit the bed with the messaging for this.
 
I have reason to doubt your scientific credentials.


Every post I ever see of yours is salt filled angst or personal attacks. Maybe take a break from the internet for awhile.
I guess I should clarify that comment. I was saying people would get a negative idea of GB fans with this thread.
Also, I would like an example of that. I probably know which one you're going to pick but that situation is a little more complicated.
Don't know what "salt filled angst" is.
 
If there were "proper hashes" in place like that guy said, is there any way that a hacker can be able to view those passwords? I thought that was the whole point.

Not exactly, it's just a text file or a database entry. It's all down to the implementation. As a basic example, these are the differences between the ways to store a password.

If it's plaintext, that file will be formatted like this
password1
password2
password3

If it's salted, it would look something like this
salt123password1
sapassltword2123
password3salt123

and if it's hashed, it would look like this
rtwetrwyuhrtwyrtyrtyrtwy
rey45yertsye4563uy45y4
5ty45564y56yu56y4576

Here is a source if you want to know more https://crackstation.net/hashing-security.htm
 

Rated-G

Member
Not to mention it's always better to assume the worst in these cases and assume if information was accessed it's always possible that at some point present or future it may be decrypted, hence the messaging.

Have they said yet whether or not the breach was related to that threatening post in the subreddit this morning? Someone was demanding RT fire Meg. It was removed pretty quickly.
 

Par Score

Member
If there were "proper hashes" in place like that guy said, is there any way that a hacker can be able to view those passwords? I thought that was the whole point.

I mean, nothing's perfect, but with appropriate salted hashes it at least buys your users a significant amount of time to sort their shit out, and takes some effort on the part of the hackers.

But if they did this properly, why the hell isn't that apparent in their messaging? Having this only be stated in a two-year old tweet isn't exactly making it front and centre.
 

Myggen

Member
Not exactly, it's just a text file or a database entry. It's all down to the implementation. As a basic example, these are the differences between the ways to store a password.

If it's plaintext, that file will be formatted like this


If it's salted, it would look something like this


and if it's hashed, it would look like this


Here is a source if you want to know more https://crackstation.net/hashing-security.htm

Okay, thanks. Reading that it sounds like if you do it properly it would at least be a really slow process to get anything out of a list of passwords that have been hashed/salted.
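
Added example, not part of any post in this thread and not Rooster Teeth's code: the storage question discussed above (plaintext vs. salted vs. hashed, and why cracking a properly stored list is slow), sketched in Python. The PBKDF2-HMAC-SHA256 scheme, the 600,000 iteration count and the `scheme$iterations$salt$digest` record layout are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Assumed work factor for PBKDF2-HMAC-SHA256; tune it to your own hardware.
ITERATIONS = 600_000


def unsalted_fast_hash(password: str) -> str:
    """Weak scheme: one unsalted SHA-256 pass. Equal passwords give equal digests."""
    return hashlib.sha256(password.encode()).hexdigest()


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Stronger scheme: a random per-user salt fed into a deliberately slow KDF.

    The salt is not secret. It is stored beside the digest so the server
    can recompute the hash at login.
    """
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Recompute the digest with the stored salt and compare in constant time."""
    scheme, iterations, salt_hex, digest_hex = record.split("$")
    if scheme != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


if __name__ == "__main__":
    # Constructed sample: two users who picked the same password.
    users = {"alice": "password1", "bob": "password1"}
    for name, pw in users.items():
        # Identical digests: anyone holding the dump sees the reuse at a glance.
        print(name, "unsalted:", unsalted_fast_hash(pw))
    for name, pw in users.items():
        # Different salts give unrelated records for the same password.
        print(name, "salted:  ", make_record(pw))
```

With per-user salts, each record in a leaked table has to be guessed against separately, and every guess costs the full iteration count.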
 