Do you think I could just leave this part blank and it'd be okay? We're just going to replace the whole thing with a header image anyway, right?
You are not logged in.
Eh maybe I’ll still play EE. Idc my social media getting hacked or my own information getting spread. As long as my life doesn’t have risk it’s fine
she/her
also known as DevilCharlotte
search 2bisniekitastan if you wanna find my worlds on ArchivEE
Offline
Eh maybe I’ll still play EE. Idc my social media getting hacked or my own information getting spread. As long as my life doesn’t have risk it’s fine
it can be pretty serious, so id suggest not taking unnecessary risks. don't forget you could have viruses installed, etc...
My PC was already broken from last year anyway
she/her
also known as DevilCharlotte
search 2bisniekitastan if you wanna find my worlds on ArchivEE
Offline
viruses installed
How are viruses related in this case?
pls
Offline
cool stuff
Offline
Anatoly wrote:viruses installed
How are viruses related in this case?
pls
did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.
PTU wrote:Anatoly wrote:viruses installed
How are viruses related in this case?
pls
did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.
We don't know that they have access to game files. Again, in my own personal opinion with 0 internal insight into how the game works or literally anything at all, I think it's very unlikely that they do. They're clearly doing everything they can to get attention, and leaking hashed (irreversibly encrypted) passwords and editing the client would be the exactly the kind of flashy things they'd go for if they could. Since they're only leaking emails and inboxes, it seems like that's the worst they can do at this point.
But, even though it seems unlikely, until we know it's *impossible* we should assume that they have ability just because it'd totally suck to be wrong.
"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto
Offline
PTU wrote:Anatoly wrote:viruses installed
How are viruses related in this case?
pls
did you read what processor said? Even staff agreed that playing the game right now is fatal. The game could simply upload to your computer viruses to get even more information. The hackers have power to edit game files.
ITT: blatant fearmongering from someone who does not know how computers work tbh
Offline
It is fully valid to state that the Adobe Flash Player plugin may (and most likely does) contain vulnerabilities that could run arbitrary code outside of a sandbox environment.
It is pure speculation as to whether such a vulnerability is within the scope of their ability, although baseless assumptions shouldn't be made in lieu of a false sense of security either, and so I would side with Yonom and Anatoly in this instance and advise people to isolate the game client (ideally in a virtual machine or external computer) if they really wish to play in the meantime, even though relatively few would do so and so that advice only applies to people who sport a tin foil hat.
*u stinky*
Offline
or you coudl just chage your password i did it just to be safe but i still dont get hoe thye gto to see passwords thats clearly PIO's fault as its PIO's resposebility to sotre passwords safe and none ever gets to see them not even the staff
thanks hg for making this much better and ty for my avatar aswell
Offline
We don't know that they have access to game files.
We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
Click the image to see my graphics suggestions, or here to play EE: Project M!
Offline
Different55 wrote:We don't know that they have access to game files.
LukeM wrote:We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.
"Sometimes failing a leap of faith is better than inching forward"
- ShinsukeIto
Offline
Crybaby wrote:Different55 wrote:We don't know that they have access to game files.
LukeM wrote:We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.
passwords are not in the client im aware of ( i think)
thanks hg for making this much better and ty for my avatar aswell
Offline
Just clearing up some terms:
The "DB" (which they have access to) refers to the PlayerIO game BigDB, which is what stores in-game information like worlds, campaign progress, mail, reports, bans, last known IP addresses, etc. (although for the time being we've disabled mail and the collection of IP addresses)
The "backend console" (which we strongly believe has been secure since early January, when the export was made) is what is used to upload new versions of the client and server, and can be used to access account emails / FB names.
passwords are not in the client im aware of ( i think)
The idea is that if they managed to upload a modified version of the client, it could send them your account info when you type it in. We are very sure that they do not have the ability to do this though, which is why we've kept the game running.
Offline
Just clearing up some terms:
The "DB" (which they have access to) refers to the PlayerIO game BigDB, which is what stores in-game information like worlds, campaign progress, mail, reports, bans, last known IP addresses, etc. (although for the time being we've disabled mail and the collection of IP addresses)
The "backend console" (which we strongly believe has been secure since early January, when the export was made) is what is used to upload new versions of the client and server, and can be used to access account emails / FB names.
peace wrote:passwords are not in the client im aware of ( i think)
The idea is that if they managed to upload a modified version of the client, it could send them your account info when you type it in. We are very sure that they do not have the ability to do this though, which is why we've kept the game running.
yeah whatever i rarely-actualy never log otu of ee so i do not to send this infomration
thanks hg for making this much better and ty for my avatar aswell
Offline
Crybaby wrote:Different55 wrote:We don't know that they have access to game files.
LukeM wrote:We're as sure as we can be that the attacker does not have access to new account information, but we know that the attacker still has access to the database.
by game files I mean client files and by access to the client files I mean the ability to modify them, which is one of two ways that they could possibly get their hands on passwords.
if that's the case then it looks like the entire raid was planned. (not like someone accidentally found an issue and used it).
It looks like they knew about the issue and when they found a way to bypass the security.
Then they simply prepared everything to hit Xenonetix in the heart.
if that's the case then it looks like the entire raid was planned. (not like someone accidentally found an issue and used it).
It looks like they knew about the issue and when they found a way to bypass the security.
Then they simply prepared everything to hit Xenonetix in the heart.
No, really? I would have never guessed.
Despite what people say, Different55 is the best mod.
Offline
[ Started around 1732210437.2165 - Generated in 0.099 seconds, 14 queries executed - Memory usage: 1.73 MiB (Peak: 1.97 MiB) ]