Ok, I'm not a programmer, what does this mean?
-
Hey, guest user. Hope you're enjoying NeoGAF! Have you considered registering for an account? Come join us and add your take to the daily discourse.
Cheapassgamer site hacked
- Thread starter oldschoolpinball
- Start date
Ok, I'm not a programmer, what does this mean?
baddvision
Member
again? damn gina programmer john fucked up
qualitydisc
Member
I signed up for notifications, thanks for sharing this
7DollarHagane
Banned
This really sucks. Couldn't have happened to a nicer guy. Hope it doesn't hurt the site long term.
This highlights the importance of NEVER using a password twice. Create an unique password for each site you use, and use a password manager to keep track of them. If you're really paranoid just write the passwords in a notebook that you keep by the computer (Unless you have nosy family members or housemates).
But NEVER re-use passwords.
NOLA_Gaffer
Banned
Apparently two of my e-mail addresses were part of the Gawker and Adobe breaches, but since these were two and five years ago and I haven't seen any sort of repercussions, should I be worried about this now?
Ecto311
Member
I think the gawker and adobe ones were so huge that there are enough people in there where you are at much less of a risk. The CAG thing has to be a much smaller group of people. I know dick about the hash numbers and salts but I would change the passwords to things you care about if they were the same on cheapassgamer.com
I agree the podcast is going to be interesting. Can't ship and cheapy just activate more security? Call bill gates to fix this shit and add more servers with better salt already.
Memorabilia
Member
This isn't good. If they're already using this breech to access other accounts this has ratcheted up to a new level of criminal misconduct. I was prepared to come into this discussion with a laid back attitude. But at this point I'm sincerely hoping CheapyD notifies authorities. Although the FBI has much bigger fish to fry and limited resources, if any of the compromised info is used to cause monetary harm to people then this would constitute a federal crime, punishable by actual jail time. Perhaps the kid(s) responsible for this misdeed would think twice about doing it again if they were locked up and assigned "Bubba" as a cell-mate.
They were using an outdated version of their forum software, which they were for some reason displaying the version at the bottom of their forum. The version was from early 2014 and had known security problems - I believe there were 5 huge security upgrades since then.
You can see now that their site is back up, they are hiding the version of the software they are using.
Sucks to see though regardless, CAG is great.
You can see now that their site is back up, they are hiding the version of the software they are using.
Sucks to see though regardless, CAG is great.
Hip Hop
Member
That....seems really bad?
I love CAG too, but if that's the case that's super sloppy on their part, especially since cheapy makes his living from running the site (I think?).
gregor7777
Banned
Most of the internet is behind on their security updates. Seriously. It's a huge problem.
Dr. Zoidberg
Member
I think Cheapy makes his living from owning the site and calling the shots. The actual technical parts of running the site are all handled by "Super programmer John" who may reside in the UK, I think. Not sure where the servers physically reside.
Yup. Either people don't want to take the time to apply and reboot, or they are scared that updates are going to break something, which is understandable because sometimes they do, but the alternative is worse.
TheCochese
Banned
There's been some pointed criticism lately about the site going to shit. Security, moderation, technical glitches. The response seems to be, until now, that he doesn't give a shit. He got his notoriety, he's getting paid, what actually happens on the site doesn't matter as long as the revenue stream stays intact.
Now whether or not this is actually what is happening, I don't know. It gives the appearance as such.
Adam Tyner
Member
I mostly lurk on CAG but poke my head in a couple times a day, and, yeah, the moderation has been really inconsistent. On the technical end of things, for a pretty long while there, even something as straightforward as the 'previous' and 'next' links when navigating a thread on mobile didn't work. If you opened a link in a new window, it'd go where you expected. Otherwise (bad Javascript, maybe?), 'next' or 'last page' would take you to the first page of a thread. That's been fixed, but it seems like the latest revamp is almost universally disliked. How weird is it that the search in the header -- even after using advanced search! -- only looks at titles and not individual posts? If you search for a deal that isn't listed in the subject line, you won't find it.
Permanently A
Junior Member
does that mean they have my username and password?
orthodoxy1095
Banned
That's really not cool. Sounds like some terrible negligence on the part of CAG.
TheCochese
Banned
YianGaruga
Banned
entremet
Member
Maybe a former circuit city employee.
TheCochese
Banned
There was a thought it was some turd who got banned.
DragoonKain
Neighbours from Hell
Most of the hate out in the world is for illogical reasons, stemmed from inner personal issues.
ChaoticBlue
Member
aw well. there's always slickdeals.
Owningrampage
Banned
twitter.com/localblackhat ~Please, for the love of god. I ask you kindly to just shut this service down... you can't protect it.. Not only am I getting in over and over, but I'm fighting with another hacker to keep him out, he keeps removing my access the fucker.
this is what i get anyone else
this is what i get anyone else
baddvision
Member
wtf again?
orthodoxy1095
Banned
Yup.
I mean, I don't agree with the hacker's demand that they shut down, but he's right. CheapyD is obviously unable to protect it. This is pretty pathetic to watch.
Yep. Same thing. Although the site seems to be back now.
Andrew Evenstar
Member
this is hilarious. don't run a site if you can't run it properly.
Something, something victim blaming...
YianGaruga
Banned
The majority of the victims in this case are the users who trusted the site when they gave it their information.
Actually not really funny at all.
orthodoxy1095
Banned
CheapyD isn't really a victim I feel like sympathizing with here if he really was running a version of the forum software with known security problems. The victims are all the users getting screwed by their poor management.
Yep.
well, uhh, you can always check out my gaming deals app (IOS and Android)
www.brokegamerapp.com
yea, kinda shameless plug I guess... =)
www.brokegamerapp.com
yea, kinda shameless plug I guess... =)
hitsugi
Member
Thank you. I don't understand all the "fuck hackers" complaints. They exposed security vulnerabilities and provided several warnings before this happened. It falls on CAG to take these sorts of things more seriously for their users.
Saiyan-Rox
Member
Come on man that isn't cool.
So is the "Hacker" saying he's doing this because the site security is crap?
milkham
Member
Pretty sure every version of any software has known security problems
Velcro Fly
Member
well my email for there is a really old college one that i don't have access to
and my password there was unique
i think i'm done there. i never posted there and rarely even went there.
and my password there was unique
i think i'm done there. i never posted there and rarely even went there.
Dr. Zoidberg
Member
Again, I don't think Cheapy does any of the technical stuff. He pays another guy to do all that. Cheapy is ultimately responsible since he owns the site but it's for picking the wrong guy to program and run it, not keeping the patches up-to-date, etc. "Super Programmer John" is the one who screwed up and Cheapy will pay the price.