Be Excellent To Each Other

And, you know, party on. Dude.

All times are UTC [ DST ]




Reply to topic  [ 88 posts ]  Go to page Previous  1, 2
Author Message
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Tue Aug 07, 2012 17:03 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Dimrill wrote:
I'm going to use a bewildering array of different usernames and passwords for each application and service I use. Bound to be fine.

Hi!

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Mat Honan's epic hacking
PostPosted: Tue Aug 07, 2012 18:18 
Awesome
User avatar
Yes

Joined: 6th Apr, 2008
Posts: 12340
The Last Salmon Man wrote:
Dimrill wrote:
I'm going to use a bewildering array of different usernames and passwords for each application and service I use. Bound to be fine.

Hi!

make sure you remember each combination by writing then on a piece of paper that you keep next to the computer.

_________________
Always proof read carefully in case you any words out


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Tue Aug 07, 2012 21:10 
8-Bit Champion
User avatar
Two heads are better than one

Joined: 16th Apr, 2008
Posts: 14518
Mr Russell wrote:
The Last Salmon Man wrote:
Dimrill wrote:
I'm going to use a bewildering array of different usernames and passwords for each application and service I use. Bound to be fine.

Hi!

make sure you remember each combination by writing then on a piece of paper that you keep next to the computer.


And in case your not near your computer take a photo of it and put it somewhere safe like on instagram , you can make the paper look olde-timey so people wont think its your passwords


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 1:26 
User avatar
Full of plumptiousness

Joined: 30th Mar, 2008
Posts: 799
Location: Just left of perfection
Payment Institutions and merchants can display the card numbers they handle showing first six and last four digits and remain PCI-DSS compliant.

http://en.wikipedia.org/wiki/Payment_Ca ... y_Standard

The first six digits of the card number (known as Primary Account Number (PAN) in the industry) is the Bank Identification Number (BIN). BINs are assigned by each payment system, such as Visa, MasterCard et al, to their clients such as issuing and acquiring banks. Cards are issued using the same BIN for different reasons, the primary one being card product such as, for example, all Visa Corporate Credit Cards produced by Madeup Bank plc are issued under 456789. All this is essential for payment clearing and settlement purposes.

http://en.wikipedia.org/wiki/Bank_Identification_Number

_________________
Malc


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 6:55 
8-Bit Champion
User avatar
Two heads are better than one

Joined: 16th Apr, 2008
Posts: 14518
Reports are that Amazon have closed their loophole and now will request more information if you try to add a credit card and as a temporary measure Apple have stopped doing password resets over the phone

http://www.wired.com/gadgetlab/2012/08/ ... rd-freeze/


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 8:27 
User avatar
Gogmagog

Joined: 30th Mar, 2008
Posts: 48919
Location: Cheshire
Mr Russell wrote:
The Last Salmon Man wrote:
Dimrill wrote:
I'm going to use a bewildering array of different usernames and passwords for each application and service I use. Bound to be fine.

Hi!

make sure you remember each combination by writing then on a piece of paper that you keep next to the computer.


heh.

_________________
Mr Chris wrote:
MaliA isn't just the best thing on the internet - he's the best thing ever.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 9:52 
User avatar

Joined: 30th Mar, 2008
Posts: 14382
Location: Shropshire, UK
WTB wrote:
If I'm in a shop and the guy asks "do you want your card receipt, or...?" and I see that it's already printed off, I always think "well fuck yes I'd rather have it than leave it with you".

At present, I have three credit cards and two debit cards in my wallet.

I can't remember which one I may have bought something with, so having the last four digits is handy.

When Subway introduced contactless payments into the one local to my office, I started using that. Contactless payments don't produce a card receipt for the customer, just the merchant, but they didn't know this and kept giving me their copy of it.

Were I so inclined, could I have rang the bank and said those charges were fraudulent and Subway wouldn't have been able to prove otherwise?


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:02 
User avatar
Excellent Member

Joined: 25th Jul, 2010
Posts: 11128
GazChap wrote:
Contactless payments don't produce a card receipt for the customer, just the merchant


I'm surprised that makes a difference. Surely you get a receipt because you've used a card to pay for something, I don't understand why the exact method the system uses to get your card details (sticking card in slot vs swiping card through slot vs contact-less magic) should have any effect on that. All you're changing is the interface, not the action, and thus nothing downstream of the connection between the two actors should change surely?


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:03 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
I think it's for convenience rather than anything else. It sort of defeats the point of being quick if you have to wait for a receipt.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:11 
SupaMod
User avatar
Commander-in-Cheese

Joined: 30th Mar, 2008
Posts: 49244
GazChap wrote:
WTB wrote:
If I'm in a shop and the guy asks "do you want your card receipt, or...?" and I see that it's already printed off, I always think "well fuck yes I'd rather have it than leave it with you".

At present, I have three credit cards and two debit cards in my wallet.

I can't remember which one I may have bought something with, so having the last four digits is handy.


I don't understand this. Do you pick a card out of your wallet at random?

_________________
GoddessJasmine wrote:
Drunk, pulled Craster's pork, waiting for brdyime story,reading nuts. Xz


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:12 
User avatar
Excellent Member

Joined: 25th Jul, 2010
Posts: 11128
The Last Salmon Man wrote:
I think it's for convenience rather than anything else. It sort of defeats the point of being quick if you have to wait for a receipt.


Presumably thought you'll still get a receipt for the item you've actually bought (just not the card transaction itself) so you'd still be waiting for a print out regardless.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:15 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Bamba wrote:
The Last Salmon Man wrote:
I think it's for convenience rather than anything else. It sort of defeats the point of being quick if you have to wait for a receipt.


Presumably thought you'll still get a receipt for the item you've actually bought (just not the card transaction itself) so you'd still be waiting for a print out regardless.

They are optional.

http://www.contactless.info/stebystepgu ... econtent=5

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:21 
User avatar

Joined: 30th Mar, 2008
Posts: 14382
Location: Shropshire, UK
Craster wrote:
I don't understand this. Do you pick a card out of your wallet at random?

Not at random, but I do use different cards for different things and it's not always easy to remember.

Some things are obvious (to me) - I always use my Tesco credit card to pay for petrol for example, as I get clubcard points for it and combined with the Shell V-Power card or the Morrisons Miles card I get double benefits ;)

The balances for each are often up and down and I keep track of them quite regularly so I tend to use whichever card has the lowest balance, but that's not always easy to remember a week or so later.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:31 
User avatar

Joined: 30th Mar, 2008
Posts: 14382
Location: Shropshire, UK
Bamba wrote:
The Last Salmon Man wrote:
I think it's for convenience rather than anything else. It sort of defeats the point of being quick if you have to wait for a receipt.


Presumably thought you'll still get a receipt for the item you've actually bought (just not the card transaction itself) so you'd still be waiting for a print out regardless.

Not at Subway, not much point in a receipt at Subway really unless you're claiming expenses.

If you're not happy with the sandwich, in which case it's pretty obvious that it's from Subway, and it's not like you can take it back a few days later ;)


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:39 
User avatar

Joined: 27th Mar, 2008
Posts: 14497
It's all pretty simple for me. Two debit cards. Neither of them have fuck all on them.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:43 
User avatar
Gogmagog

Joined: 30th Mar, 2008
Posts: 48919
Location: Cheshire
WTB wrote:
It's all pretty simple for me. Two debit cards. Neither of them have fuck all on them.


o/

_________________
Mr Chris wrote:
MaliA isn't just the best thing on the internet - he's the best thing ever.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 10:51 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
I have two debit cards (current and joint current accounts), one credit card for everyday online purchases and another for major purchases/emergencies.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:19 
User avatar
Honey Boo Boo

Joined: 28th Mar, 2008
Posts: 12328
Location: Tronna, Canandada
The Last Salmon Man wrote:
I have two debit cards (current and joint current accounts), one credit card for everyday online purchases and another for major purchases/emergencies.


Code:
GNATWEST - THE FRANK BANK
STATEMENT FOR RUDD, M AND RUDD, A.      07 JULY 12 - 06 AUG 12

07JUL12 - MAJESTIC WINES..................20.00
08JUL12 - MAJESTIC WINES..................20.00
09JUL12 - MAJESTIC WINES..................50.00
09JUL12 - MAJESTIC WINES..................20.00
11JUL12 - BARGAIN BOOZE...................20.00
14JUL12 - VIRGIN WINES MMBR SUB...........10.00
16JUL12 - ALS SOULPATCH WAX.COM...........23.49
20JUL12 - MAJESTIC WINES..................64.00
22JUL12 - GALLO BROS DIRECT...............21.99
24JUL12 - GP SPINACH FARMS...............149.50
25JUL12 - MAJESTIC WINES..................20.00
29JUL12 - WORLDOFLEATHERPANTS............499.95
03AUG12 - MAJESTIC WINES..................56.00


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:21 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Amazing scenes. :DD

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:23 
SupaMod
User avatar
Commander-in-Cheese

Joined: 30th Mar, 2008
Posts: 49244
Quote:
16JUL12 - ALS SOULPATCH WAX.COM...........23.49


Superb.

_________________
GoddessJasmine wrote:
Drunk, pulled Craster's pork, waiting for brdyime story,reading nuts. Xz


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:27 
User avatar

Joined: 27th Mar, 2008
Posts: 14497
MaliA wrote:
WTB wrote:
It's all pretty simple for me. Two debit cards. Neither of them have fuck all on them.


o/


\o


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:29 
User avatar

Joined: 27th Mar, 2008
Posts: 14497
Perkies' dedication to cracking a funny is unrivalled.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Wed Aug 08, 2012 11:54 
User avatar
ugvm'er at heart...

Joined: 4th Mar, 2010
Posts: 22397
:D

I have 1 debit card and 3 credit cards. (well 4 technically)

1 dual account from lloyds that has an amex and a mastercard attached to it. I never use this but i've had it for 18 years so it has a ludicrously high credit limit, I keep it because you never know...
1 Santander card that pays 3% cashback on fuel and 1% cashback on supermarkets, so I use it purely for those.
1 Capital One card that gives me cashback on everything, starting at 0.5% and going up to 1.5% depending on how much I spend on it per year, I use that for everything else.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:16 
User avatar
MR EXCELLENT FACE

Joined: 30th Mar, 2008
Posts: 2568
I just had to reset my 123-reg password. The details I had to give to reset were criminally easy to get (email,name,phone number, address -- aren't these in the whois registry?!) and worse of all I could choose to send the reset email to _any_ email address?!

edit: Thinking about it, 123 reg is one of those sites that enforces that your password must be 8 letters and contain this and that. Which is why I can never remember the password for that site. My 18+ character passphrases which I can easily remember? INSECURE. (according to 123 reg)

_________________
This man is bound by law to clear the snow away


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:18 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Pod wrote:
I just had to reset my 123-reg password. The details I had to give to reset were criminally easy to get (email,name,phone number, address -- aren't these in the whois registry?!) and worse of all I could choose to send the reset email to _any_ email address?!

Yeah, that's not great. Did you have to confirm your 123-reg username, though? That wouldn't be easily got hold of, I wouldn't have thought.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:20 
User avatar
MR EXCELLENT FACE

Joined: 30th Mar, 2008
Posts: 2568
The Last Salmon Man wrote:
Pod wrote:
I just had to reset my 123-reg password. The details I had to give to reset were criminally easy to get (email,name,phone number, address -- aren't these in the whois registry?!) and worse of all I could choose to send the reset email to _any_ email address?!

Yeah, that's not great. Did you have to confirm your 123-reg username, though? That wouldn't be easily got hold of, I wouldn't have thought.



username OR one of the domains I hold!

QUIZ TIME: I'll let you guess what my username is. Hint: if you know my email address you know it. (Probably a mistake on my part)

_________________
This man is bound by law to clear the snow away


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:23 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
The worst thing about 123-reg is that your password can't be more than eight letters.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:25 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Not great at all. When I worked for them we were a lot more careful, only sending to a 3rd party email address if they could confirm last 4 digits of card plus some random activity on the account. If they couldn't, we insisted on a scan of ID.

Might be worth emailing them with your concerns.

Grim...: you say that, but mine is 11. We've done this before, though.

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:26 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
Aye. I took a screenshot, I think, so God knows what's different between your account and mine.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:27 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
Aha!
viewtopic.php?p=659440#p659440
Maybe I don't pay them enough money :)

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:28 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Grim... wrote:
Aha!
viewtopic.php?p=659440#p659440
Maybe I don't pay them enough money :)

It can't be that I used to be staff either, as my password was different (ie shorter) when I worked for them. :shrug:

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:28 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
:shrug:

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:31 
User avatar
MR EXCELLENT FACE

Joined: 30th Mar, 2008
Posts: 2568
CORRECTION: The whois details for my domain all just point to 123 reg. So some of the details are SAFE, unless you happen to know where I live via one of the other thousands of ways of getting that. (like was done in the article). But that tells a haxor what domains I have under my 123reg account, so they don't need my username.

INTERESTING: Upon trying to reset I'm offered to _add_ a security question to my account! So now a potential hacker has wrapped my account up in needless questions to make it even harder for me to recover in the event of a hack.

These are the standard "actually another password that's even harder to remember than the first, because who really remembers what answer you gave for the question 'who was your favourite teacher' 2 years ago?!"

_________________
This man is bound by law to clear the snow away


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:33 
User avatar
MR EXCELLENT FACE

Joined: 30th Mar, 2008
Posts: 2568
The Last Salmon Man wrote:
Grim... wrote:
Aha!
viewtopic.php?p=659440#p659440
Maybe I don't pay them enough money :)

It can't be that I used to be staff either, as my password was different (ie shorter) when I worked for them. :shrug:


They probably just got shitter. I edited my post before you first replied to this:

edit: Thinking about it, 123 reg is one of those sites that enforces that your password must be 8 letters and contain this and that. Which is why I can never remember the password for that site. My 18+ character passphrases which I can easily remember? INSECURE. (according to 123 reg)


So I'm agreeing with Grim that 8 characters is STUPID. I have lots of passwords, but none of them are 8 letters. (7, 9, 14 etc). Well, I have some 8 letter ones, but they contain things like ^ and so on that sites like 123 reg usually cry about.

_________________
This man is bound by law to clear the snow away


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:33 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
Pod wrote:
They probably just got shitter.

I've been with them since 2002, and they've always done it.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:35 
User avatar
UltraMod

Joined: 27th Mar, 2008
Posts: 55719
Location: California
Grim... wrote:
Pod wrote:
They probably just got shitter.

I've been with them since 2002, and they've always done it.

I worked there between 2004-2006 and we never once had anyone complain about it. :S

_________________
I am currently under construction.
Thank you for your patience.


Image


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:37 
User avatar
MR EXCELLENT FACE

Joined: 30th Mar, 2008
Posts: 2568
PS GRIM:

viewtopic.php?p=667130#p667130

Quote:
Exactly what do you think they (or anyone else) are going do with your precious name, date of birth and email address?


Break into my 123-reg account!

IN YOUR FACE.

_________________
This man is bound by law to clear the snow away


Top
 Profile  
 
 Post subject: Re: Mat Honan's epic hacking
PostPosted: Mon Aug 13, 2012 9:54 
SupaMod
User avatar
Est. 1978

Joined: 27th Mar, 2008
Posts: 69725
Location: Your Mum
Pod wrote:
Break into my 123-reg account!

As long as they have your address and phone number, of course.

Fuck me though, think how many people have those details.

_________________
Grim... wrote:
I wish Craster had left some girls for the rest of us.


Top
 Profile  
 
Display posts from previous:  Sort by  
Reply to topic  [ 88 posts ]  Go to page Previous  1, 2

All times are UTC [ DST ]


Who is online

Users browsing this forum: Columbo, Malc, markg and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search within this thread:
You are using the 'Ted' forum. Bill doesn't really exist any more. Bogus!
Want to help out with the hosting / advertising costs? That's very nice of you.
Are you on a mobile phone? Try http://beex.co.uk/m/
RIP, Owen. RIP, MrC. RIP, Dimmers.

Powered by a very Grim... version of phpBB © 2000, 2002, 2005, 2007 phpBB Group.