Thank you for safe, EE Staff!

icepegasus · 2019-07-24 18:55:56

peace wrote:

if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

Hashed passwords are not impossible to crack, As a matter of fact it isn't even that hard to crack a hashed password.

ZeldaXD · 2019-07-24 18:57:24

peace wrote:

Gosha wrote:
peace wrote:
Growler wrote:
it has been speculated that there was a keylogger or bad freegame.swf that can get your account details if you type it in
Growler wrote:
It's impossible for this to be part of PlayerIO's fault as they hash any password. Nobody can get them, even the hard way so if anything,
??????
What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.
if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above

PlayerIO is not at fault for this leak

peace · 2019-07-24 20:03:06

ZeldaXD wrote:

peace wrote:
Gosha wrote:
peace wrote:
Growler wrote:
it has been speculated that there was a keylogger or bad freegame.swf that can get your account details if you type it in
Growler wrote:
It's impossible for this to be part of PlayerIO's fault as they hash any password. Nobody can get them, even the hard way so if anything,
??????
What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.
if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above
PlayerIO is not at fault for this leak

but how can ahshed passwords be readable then?

Gosha · 2019-07-24 21:35:43

peace wrote:

ZeldaXD wrote:
peace wrote:
Gosha wrote:
peace wrote:
??????
What don't you understand?
Playerio stores hashed passwords and ignores the case. Leaked passwords contain case sensitive plain text passwords. So it can't be playerio to blame.
if playerIO hashes the passwords how can they be leaked then?! this shoudlnt be possible as stated above
PlayerIO is not at fault for this leak
but how can ahshed passwords be readable then?

Use your logic.
You enter password in game -> it goes to pio -> pio converts it to lowercase, hashes it and stores.
If you somehow get hashed passwords and try to unhash them - you would get lowercase passwords.
It means there is something wrong in the first step
Enter password it game -> it goes to bad guys because of bad security of the game

Playerio is not the one whom you should blame

peace · 2019-07-24 21:51:02

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Gosha · 2019-07-24 22:21:05

peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

O my God.
Hackers hacked the badly designed game, not playerio database. That's all you need to know

Pqwerty

Pqwerty · 2019-07-25 03:26:25

peace wrote:

so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?

Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

peace · 2019-07-25 10:01:10

Pqwerty wrote:

peace wrote:
so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?
Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

ah this makes more sense

Pqwerty

capasha · 2019-07-25 17:39:48

Pqwerty wrote:

peace wrote:
so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?
Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.

This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?

icepegasus · 2019-07-25 17:47:55

capasha wrote:

Pqwerty wrote:
peace wrote:
so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?
Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.
This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?

Yes, that's what I said on xeno's thread about this breach. It doesn't make sense

Anatoly · 2019-07-25 19:56:09

Hello, this debate went pretty hot so i’d think I join. Not chasing any side because I need PROVES.

Yes, we can discuss whatever we want, but I need to know if the following are true:

1) PlayerIO hashes passwords, right? Can the hashes be stolen?
2) How did it came, that only accounts who logged in, in a specific period of time, are stolen? Does EE kind of save the password temporary or what?
3) Gosha: can you tell more about how xenonetix managed the game? Is I confirmed that only one person worked on eeu?
4) what is eeu’s current dev stage?

Also, not my job, but stay on topic: EEs security, not EEUs progress

Pqwerty · 2019-07-25 20:20:54

icepegasus wrote:

capasha wrote:
Pqwerty wrote:
peace wrote:
so what you say if you try to unhash then which is impossible you get the lowercase passwords but you alos say b y this post passwords are still case snsitive? and what do u mean by there is somethign wrong in the first step?
Someone got access to the EE source code and programmed it to send your password to the hacker before sending it to Player.IO. So the data was stolen before it got to Player.IO.
This sound wrong. My friend use lowercase on his login. Still the leak are in uppercase, how?
Yes, that's what I said on xeno's thread about this breach. It doesn't make sense

Aren't all the leaked passwords case-sensitive, though?

icepegasus · 2019-07-25 21:29:22

Anatoly wrote:

4) what is eeu’s current dev stage?
Also, not my job, but stay on topic: EEs security, not EEUs progress

That's a little hypocritical comment, don't you think?

rat

Pqwerty · 2019-07-25 22:12:50

Anatoly wrote:

1) PlayerIO hashes passwords, right? Can the hashes be stolen?

The hashes would have to be stolen from Player.IO, but yes I think they could be stolen if Player.IO got hacked.

Anatoly wrote:

4) what is eeu’s current dev stage?

alpha

(I don't have enough technical background to answer # 2, and I'm not Gosha so I can't answer # 3)

Gosha · 2019-07-25 23:39:01

Anatoly wrote:

Gosha: can you tell more about how xenonetix managed the game

No

Anatoly wrote:

Is I confirmed that only one person worked on eeu?

Are you confirmed?

Yes, only one person worked on eeu until the middle of January

mrjawapa · 2019-07-26 00:30:53

How many people here think they know what they're talking about, but really have no idea?

Joeyjoey65, Pqwerty

Kira · 2019-07-26 02:41:25

mrjawapa wrote:

How many people here think they know what they're talking about, but really have no idea?

This is how every forum debates ends. You have some interesting points thrown out here and there and poof, the great minds such as Anatoly, Peace joins for an ultimate ****.

mrjawapa, Joeyjoey65, St1ckS4m(EE), capasha

peace · 2019-07-26 09:27:43

Anatoly wrote:

1) PlayerIO hashes passwords, right? Can the hashes be stolen? idk
2) How did it came, that only accounts who logged in, in a specific period of time, are stolen? Does EE kind of save the password temporary or what? from whatpqwerty said the passwords were send to the hacker sbeofre they were send to PIO (who then hashe sthem)
3) Gosha: can you tell more about how xenonetix managed the game? Is I confirmed that only one person worked on eeu? we have now i belive 2+xeno workign on EEU luke and byte and i belle cercul1 for EEO han gon a second afeter i poste dthis ill check the fourm userlist woops forgot about koya and kenitya our ghrapics desingers i think they work on EEU too
4) what is eeu’s current dev stage? its still in alpha but its almost ready for closedbeta a few weeks left i guess

Mariomaster · 2019-07-26 10:34:47

Finally, can't wait for closed beta, I've been forced to go to EE Kong for my fix!

daneeko · 2019-08-02 20:07:00

so im still confused, how did some people not get hacked? is it because they didnt log in at a specific period of time? if so, it makes sense why i didnt get breached lol

Zumza · 2019-08-03 10:23:40

@Pqwerty

There was a Twitter post, but they deleted it in a very short time.
They also disabled email notification on the blog post regarding the breach.

They wanted to cover it up as much as they could had.

Xenonetix turned not EE, not EEU, but "waiting for EEU" into his business plan.

LIATRI42 · 2019-08-03 17:08:12

@Zumza
Maybe because they wanted to stay positive and do not make panic, taking the situation under their control?

capasha · 2019-08-03 17:43:36

Plesnuik wrote:

@Zumza
Maybe because they wanted to stay positive and do not make panic, taking the situation under their control?

I have never seen a company that got hacked have got silent about it. Maybe only you and xenonetix company.

LIATRI42 · 2019-08-03 19:22:41

capasha wrote:

I have never seen a company that got hacked have got silent about it. Maybe only you and xenonetix company.

Im not a company. Chris Lamb doesn't have a company. People put pressure on Xenonetix and give him extra stress, so in order to avoid ridicule and criticism, he decided not to cause a panic. (My personal opinion).
Think that the topic in the forum is quite enough, because who needs join the notepad and look for someone’s account. This happened to me because I created a post earlier that made some guy find me in the sheet and log into my accounts. You make an elephant out of a fly

Official Everybody Edits Forums

#26 2019-07-24 18:55:56, last edited by icepegasus (2019-07-24 19:00:02)

Re: Thank you for safe, EE Staff!

#27 2019-07-24 18:57:24

Re: Thank you for safe, EE Staff!

#28 2019-07-24 20:03:06

Re: Thank you for safe, EE Staff!

#29 2019-07-24 21:35:43

Re: Thank you for safe, EE Staff!

#30 2019-07-24 21:51:02

Re: Thank you for safe, EE Staff!

#31 2019-07-24 22:21:05

Re: Thank you for safe, EE Staff!

#32 2019-07-25 03:26:25

Re: Thank you for safe, EE Staff!

#33 2019-07-25 10:01:10

Re: Thank you for safe, EE Staff!

#34 2019-07-25 17:39:48

Re: Thank you for safe, EE Staff!

#35 2019-07-25 17:47:55

Re: Thank you for safe, EE Staff!

#36 2019-07-25 19:56:09

Re: Thank you for safe, EE Staff!

#37 2019-07-25 20:20:54

Re: Thank you for safe, EE Staff!

#38 2019-07-25 21:29:22

Re: Thank you for safe, EE Staff!

#39 2019-07-25 22:12:50

Re: Thank you for safe, EE Staff!

#40 2019-07-25 23:39:01, last edited by Gosha (2019-07-25 23:39:51)

Re: Thank you for safe, EE Staff!

#41 2019-07-26 00:30:53

Re: Thank you for safe, EE Staff!

#42 2019-07-26 02:41:25

Re: Thank you for safe, EE Staff!

#43 2019-07-26 09:27:43, last edited by peace (2019-07-26 09:29:01)

Re: Thank you for safe, EE Staff!

#44 2019-07-26 10:34:47

Re: Thank you for safe, EE Staff!

#45 2019-08-02 20:07:00

Re: Thank you for safe, EE Staff!

#46 2019-08-03 10:23:40, last edited by Zumza (2019-08-03 10:24:00)

Re: Thank you for safe, EE Staff!

#47 2019-08-03 17:08:12

Re: Thank you for safe, EE Staff!

#48 2019-08-03 17:43:36

Re: Thank you for safe, EE Staff!

#49 2019-08-03 19:22:41

Re: Thank you for safe, EE Staff!

Board footer