User Name
Password

Go Back   Planetarion Forums > Planetarion Related Forums > Planetarion Suggestions

Reply
Thread Tools Display Modes
Unread 26 Mar 2011, 21:27   #1
[DDK]gm
Registered User
 
Join Date: Nov 2003
Posts: 898
[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future[DDK]gm has a brilliant future
Secrurity Risk

With the move to email being used for login we must have SSL for the login process as it is putting players at a higher risk.

Will this be sorted soon?
__________________
R4-5 DDK
R6 Vanx
R7-R10 FAnG
R10 Eclipse
R10.5-R13 FAnG
R20-23 CT
R23 (CT BG) ToF
R24-R82... CT
[DDK]gm is offline   Reply With Quote
Unread 26 Mar 2011, 22:00   #2
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

..what?
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 26 Mar 2011, 22:28   #3
Influence
Finally retired
 
Join Date: Mar 2007
Posts: 788
Influence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to behold
Re: Secrurity Risk

sending your e-mailadres over a non-secured connection is considered as highly vulnerable to pretty much everyone in the security community. Especially when it comes to using them in logins.
__________________
don't be an arse, join [TiT]

In the absence of the good old TiT alliance, look me up in VGN
Influence is offline   Reply With Quote
Unread 26 Mar 2011, 22:30   #4
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Bullshit.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 27 Mar 2011, 12:30   #5
DoDDy
Twisted Individual
 
Join Date: Sep 2010
Location: Reading
Posts: 50
DoDDy can only hope to improve
Re: Secrurity Risk

Quote:
Originally Posted by Influence View Post
sending your e-mail address over a non-secured connection is considered as highly vulnerable to pretty much everyone in the security community. Especially when it comes to using them in logins.
Well technically, yes.... and given the fact most people use the same password......

However, anyone with the know-how of obtaining your details would probably not bother with cracking PA to obtain them as there is no real financial gain from it.

Imagine your empty shed with no lock, you wouldn't worry about things getting stolen
__________________
RD39 Apprime
#17 | 4:2:7 |Schumacher Levy 9 of Collision on Jupiter
DoDDy is offline   Reply With Quote
Unread 27 Mar 2011, 12:35   #6
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Quote:
Originally Posted by DoDDy View Post
most people use the same password.
That is the security risk.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 27 Mar 2011, 13:28   #7
Influence
Finally retired
 
Join Date: Mar 2007
Posts: 788
Influence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to beholdInfluence is a splendid one to behold
Re: Secrurity Risk

Quote:
Originally Posted by DoDDy View Post
However, anyone with the know-how of obtaining your details would probably not bother with cracking PA to obtain them as there is no real financial gain from it.
The thing is that you don't need to crack PA in order to obtain unencrypted data from the datastream between the user and PA. You can use a simple packetsniffer to analyze the datapackets sent over the network. This is a practice that is commonly used on open and public (wireless) networks.

And given the fact that people allways use the same password (for reasons of ease) adding another 'fixed' field in the login process is frowned upon. Especially over unencrypted connections.
__________________
don't be an arse, join [TiT]

In the absence of the good old TiT alliance, look me up in VGN
Influence is offline   Reply With Quote
Unread 27 Mar 2011, 14:50   #8
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

God, you are absolutely ****ing clueless. Using an email address instead of a user name makes no difference whatsoever. If that's what your security policy depends on, you are already well and truly ****ed.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.

Last edited by Mzyxptlk; 27 Mar 2011 at 14:58.
Mzyxptlk is offline   Reply With Quote
Unread 27 Mar 2011, 16:30   #9
Sebos
...
 
Join Date: Jul 2005
Posts: 146
Sebos is a jewel in the roughSebos is a jewel in the roughSebos is a jewel in the rough
Re: Secrurity Risk

However i bet you have no problems using it for something else? also how hard is it to use a different password

the simple fact is that you will be the security risk not someone knowing your e-mail. The problem is not if the site is secure etc the problem is the user.
Sebos is offline   Reply With Quote
Unread 27 Mar 2011, 18:27   #10
budious
Egoistic Warmonger
 
budious's Avatar
 
Join Date: Jun 2009
Posts: 109
budious has a spectacular aura aboutbudious has a spectacular aura about
Re: Secrurity Risk

I might agree to an extent if I was using my [email protected] format email to access PA from a unencrypted public network that SSL would be an added benefit. However, the password argument is entirely user subjective and your responsibility.

You should be aware of the risk of sharing passwords between any website or Internet service, and eliminate it as often as possible by using different passwords. Complexity of your password should be determined by your evaluation of the risk of damage if your account is accessed on a particular service by an unauthorized individual. I'm going to put an extremely complex password but one that I can remember and type it in manually on my banking service, but for PA I'll just save the default randomly generated password emailed to me by PA to my web browser.

My recommendation, is if you're not comfortable using a personally identifiable email address without SSL because you use a public unencrypted network for PA access then you should signup with a secondary email account that obscures those details.
budious is offline   Reply With Quote
Unread 17 Aug 2011, 12:50   #11
MrLobster
Commander in Briefs!
 
MrLobster's Avatar
 
Join Date: Dec 2000
Location: UK
Posts: 783
MrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud of
Re: Secrurity Risk

A good way to do passwords is to use a phrase.

e.g. "i love pa"

Having it relevant to the website helps in remembering it.

However having SSL as an option is good.

Even if you use different passwords for websites, your email is still on display. Then its open to phishing attacks, and spam.
__________________
<Kila> WHAT HAVE YOU DONE WITH MY PRECIOUS FORUMS
<Zeyi> 24h forum closure
<Zeyi> all posts recalled

"he's got a proven track record when it comes to showy art composition" - Tommy

<Sigi> Light: can I ask u how many open internet-windows u always have?
<MrLobster|PM> i have 2, the pa page, and the website for naked light pictures
<Ave> both has bad gfx
MrLobster is offline   Reply With Quote
Unread 17 Aug 2011, 12:54   #12
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

"i love pa" is a bit on the short side, but yes, phrases are easier to remember than arbitrary strings of characters. A related approach is to use a sentence and picking the first letter of each word.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 17 Aug 2011, 12:56   #13
MrLobster
Commander in Briefs!
 
MrLobster's Avatar
 
Join Date: Dec 2000
Location: UK
Posts: 783
MrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud of
Re: Secrurity Risk

While first letter approach is even better, the fact of trying to remember that in a pinch, is lot harder.
__________________
<Kila> WHAT HAVE YOU DONE WITH MY PRECIOUS FORUMS
<Zeyi> 24h forum closure
<Zeyi> all posts recalled

"he's got a proven track record when it comes to showy art composition" - Tommy

<Sigi> Light: can I ask u how many open internet-windows u always have?
<MrLobster|PM> i have 2, the pa page, and the website for naked light pictures
<Ave> both has bad gfx
MrLobster is offline   Reply With Quote
Unread 17 Aug 2011, 13:52   #14
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Password management is not a solvable problem, anyway, not without serious help from technology. Users cannot be expected to remember anywhere between 15 and 50 completely different passwords. So people use sticky notes on their monitor, or the same password everywhere, or '123456'. We clever people then laugh at them and call them stupid for engaging in such laughably bad practices, but forget that we were the ones who originally forced them into a dumb system. When giving people dirt, don't expect cathedrals.

Thankfully, we've now reached a point at which every browser can securely store an infinite number of passwords, no matter how hard to remember they are. There's still a single point of failure (like using the same password everywhere), but the master password that can only be entered locally, making it much harder to get at. And asking people to remember one high quality password is a hell of a lot more reasonable than asking them to remember twenty of them.

None of that has anything to do with PA, though.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 17 Aug 2011, 18:57   #15
Zeyi
Tides of Fire
 
Join Date: Feb 2008
Location: UK
Posts: 318
Zeyi is just really niceZeyi is just really niceZeyi is just really niceZeyi is just really niceZeyi is just really nice
Re: Secrurity Risk

Your password management post reminded me of: http://imgs.xkcd.com/comics/password_strength.png



SSL should be implemented regardless, unless you have a damn good reason why less security is better than more security. If the reason is PA team will take 4 years to do it, then that's pretty much assumed on every suggestion anyway and has nothing to do with the suggestion at hand.

I'm not even sure Netgamers supports SSL, which is pretty dire. I've certainly not seen it written anywhere which is why I've never tried.
__________________
Quote:
"Hold the newsreader's nose squarely, waiter, or friendly milk will countermand my trousers."

Last edited by Zeyi; 17 Aug 2011 at 19:02.
Zeyi is offline   Reply With Quote
Unread 17 Aug 2011, 20:30   #16
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

That comic has been going around lately. I don't agree with the actual idae, all these cute little remember-your-password schemes work, but only until you have about 5 of them, and then the schemes become just as much effort to remember as Tr0b4dor3&: "What was it again, something with a horse, and it being correct about something? A box?". What the comic has done, though, is make people (me) realise that passwords are a broken idea.

As for SSL.. Yeah, you know, it'd be nice to have, but honestly, no one is going to bother cracking your PA password. Have you ever heard of it happening? I sure haven't. There's just nothing in it for anyone. It would be more useful on IRC, but there too, there's very little to gain by tapping into someone's IRC traffic. It's not like we're under surveillance by the FBI or something.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 18 Aug 2011, 00:01   #17
MrLobster
Commander in Briefs!
 
MrLobster's Avatar
 
Join Date: Dec 2000
Location: UK
Posts: 783
MrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud ofMrLobster has much to be proud of
Re: Secrurity Risk

Just because your paranoid, doesnt mean someones not after you....
__________________
<Kila> WHAT HAVE YOU DONE WITH MY PRECIOUS FORUMS
<Zeyi> 24h forum closure
<Zeyi> all posts recalled

"he's got a proven track record when it comes to showy art composition" - Tommy

<Sigi> Light: can I ask u how many open internet-windows u always have?
<MrLobster|PM> i have 2, the pa page, and the website for naked light pictures
<Ave> both has bad gfx
MrLobster is offline   Reply With Quote
Unread 18 Aug 2011, 01:04   #18
ellonweb
Registered User
 
Join Date: Nov 2008
Posts: 401
ellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant future
Re: Secrurity Risk

If you have nothing to hide.... **** you if you're doing illegal shit.
ellonweb is offline   Reply With Quote
Unread 18 Aug 2011, 02:33   #19
Bowlsey
Lover of Cheesecake
 
Bowlsey's Avatar
 
Join Date: Jul 2000
Location: Australia
Posts: 60
Bowlsey is on a distinguished road
Re: Secrurity Risk

SSL is an easy win. doesn't have any ramifications of implementing and gives users a better peace of mind. When pa changed to email log in, i created a new email for it.... I don't want my personal email address known, I don't want to be spammed or anyone trying to hack it...

All this talk about using a better password or what not is mute... SSL has lots of benefits and zero negatives...

To me this is a no brainer implementation.
__________________
rd1 XFA/UXF, rd2 WaCjr, rd3-6 Elysium, rd7-9.5 RaH
=Break=
rd21 Angels, rd23 Jenova, rd24 NewDawn, rd25 TGV, rd26 Jenova
=Break=
rd41-44 TGV, rd45-46 FAnG, rd47 HaVeN rd48-49 FAnG
=Break=
Rd55+ Ultores
Bowlsey is offline   Reply With Quote
Unread 18 Aug 2011, 04:26   #20
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Of course there are negatives. A certificate costs money, installing mod_ssl costs time, and HTTPS traffic requires more CPU time than plain HTTP.

Also wow that avatar looks a lot like Assassin's.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 18 Aug 2011, 13:40   #21
ellonweb
Registered User
 
Join Date: Nov 2008
Posts: 401
ellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant future
Re: Secrurity Risk

You had to submit your email in the old registration as a way of validation, no-one complained back then.
ellonweb is offline   Reply With Quote
Unread 18 Aug 2011, 23:39   #22
Bowlsey
Lover of Cheesecake
 
Bowlsey's Avatar
 
Join Date: Jul 2000
Location: Australia
Posts: 60
Bowlsey is on a distinguished road
Re: Secrurity Risk

You don't have to pay for a certificate, you can create your own. The increase in HTTPS traffic for a browser game like PA is minimal.

And yes my avatar was from when I last played PA back when I was apart of Jenova. Assassin's is a vts Penguin if I remember correctly, not quite the same

I have no problems submitting my email for registration, that is one off. Having to submit it everytime i log in however is more of a risk.
__________________
rd1 XFA/UXF, rd2 WaCjr, rd3-6 Elysium, rd7-9.5 RaH
=Break=
rd21 Angels, rd23 Jenova, rd24 NewDawn, rd25 TGV, rd26 Jenova
=Break=
rd41-44 TGV, rd45-46 FAnG, rd47 HaVeN rd48-49 FAnG
=Break=
Rd55+ Ultores
Bowlsey is offline   Reply With Quote
Unread 19 Aug 2011, 07:53   #23
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Quote:
Originally Posted by Bowlsey View Post
You don't have to pay for a certificate, you can create your own. The increase in HTTPS traffic for a browser game like PA is minimal.
You misunderstood: the CPU time required to encrypt pages and (to much lesser extent) decrypt requests was one of the problems I referred to. The increase in the amount of data is indeed negligible. There is an increase in page load times, though.

With HTTPS, your phone battery would last a little shorter (communication is energy intensive), the server would need/use a fair bit more processing power, some time should be invested to add mod_ssl to Apache (or whatever web server they use) amd pages would load half a second slower; none of that is particularly world-shattering, though all are a nuisance.

All that said, I have yet to see any good reason why you would possibly need HTTPS for PA: do you really think there's anyone who cares about your PA account or activity?

Quote:
Originally Posted by Bowlsey View Post
I have no problems submitting my email for registration, that is one off. Having to submit it everytime i log in however is more of a risk.
Why is that a risk?
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.

Last edited by Mzyxptlk; 19 Aug 2011 at 08:04.
Mzyxptlk is offline   Reply With Quote
Unread 19 Aug 2011, 18:12   #24
ellonweb
Registered User
 
Join Date: Nov 2008
Posts: 401
ellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant futureellonweb has a brilliant future
Re: Secrurity Risk

Quote:
Originally Posted by Bowlsey View Post
You don't have to pay for a certificate, you can create your own.
Quote:
Originally Posted by Bowlsey View Post
I have no problems submitting my email for registration, that is one off. Having to submit it everytime i log in however is more of a risk.
Accessing "secure" websites that have generated their own SSL certificates rather than one generated by a known signing authority is far more risky behaviour than submitting your email every time you login.
ellonweb is offline   Reply With Quote
Unread 21 Aug 2011, 23:12   #25
vuLgAr
Bi-Winning
 
Join Date: Dec 2007
Location: nfi
Posts: 290
vuLgAr is a name known to allvuLgAr is a name known to allvuLgAr is a name known to allvuLgAr is a name known to allvuLgAr is a name known to allvuLgAr is a name known to all
Re: Secrurity Risk

this thread made me giggle
__________________
ѵսȽցΛґ

H-A ODDR Apprime xVx VisioN HEROES Ultores
vuLgAr is offline   Reply With Quote
Unread 28 Aug 2011, 20:05   #26
Judge
Doh!
 
Judge's Avatar
 
Join Date: Apr 2001
Location: Nemo Mortalium Omnibus Horis Sapit
Posts: 1,720
Judge is infamous around these parts
Re: Secrurity Risk

You do not know the half of it:

MH team including me at the time had access to the server where we could see every players details Real name, Real location City/Town Country, (altho addresses were not there) Email addresses, IP addresses, the Browsers they used, and a whole host of other useful stuff for the unscrupulous.

The really worrying part is that most of the people who have access to this information are not required to sign a legally enforceable non disclosure agreement, they just have to verbally agree on irc to not leak it.

It makes you wonder who is getting your personal information?
__________________
Spinner: Kudos to Judge for having big cohones!
Judge is offline   Reply With Quote
Unread 28 Aug 2011, 21:18   #27
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

"Verbally agree on IRC" is not a thing. Not that it matters, verbal agreements are just as binding as written ones. Not that that matters either, because there is in fact a written agreement, the NDA for multihunterdom is printed and mailed or faxed back.

I'm not sure if you could be more wrong if you tried.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.

Last edited by Mzyxptlk; 28 Aug 2011 at 21:33. Reason: Thanks Gabriel <3
Mzyxptlk is offline   Reply With Quote
Unread 28 Aug 2011, 21:36   #28
Gabriel
Gabba gabba hey hey
 
Join Date: Aug 2008
Posts: 212
Gabriel has a spectacular aura aboutGabriel has a spectacular aura aboutGabriel has a spectacular aura about
Re: Secrurity Risk

https://lastpass.com/

Pimp your password
Gabriel is offline   Reply With Quote
Unread 28 Aug 2011, 21:50   #29
Banned
Banned
 
Banned's Avatar
 
Join Date: Jul 2003
Location: ******
Posts: 2,326
Banned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so littleBanned contributes so much and asks for so little
Re: Secrurity Risk

Quote:
Originally Posted by Judge View Post
You do not know the half of it:

MH team including me at the time had access to the server where we could see every players details Real name, Real location City/Town Country, (altho addresses were not there) Email addresses, IP addresses, the Browsers they used, and a whole host of other useful stuff for the unscrupulous.

The really worrying part is that most of the people who have access to this information are not required to sign a legally enforceable non disclosure agreement, they just have to verbally agree on irc to not leak it.

It makes you wonder who is getting your personal information?
Odd. I was given a non-disclosure agreement to sign before I could even start training as a MH. I never signed it, no training.

That said, the disclosure of the above information is not necessarily terrible acts of awfulness. It depends on what the tools are like. If the MHs can do datamining that lets them search for nicks and find addresses, that's not great (in fact it would make me glad I started avoiding using my real nicks ingame).

Anyway, relevant: Jagex's privacy policy. Specifically:
Quote:
We care about protecting your privacy, and with the exception of the uses specified above, we will not sell, transfer, rent out, share or disclose your personally identifiable information to other companies.
Banned is offline   Reply With Quote
Unread 29 Aug 2011, 15:26   #30
Judge
Doh!
 
Judge's Avatar
 
Join Date: Apr 2001
Location: Nemo Mortalium Omnibus Horis Sapit
Posts: 1,720
Judge is infamous around these parts
Re: Secrurity Risk

Quote:
Originally Posted by Mzyxptlk View Post
"Verbally agree on IRC" is not a thing. Not that it matters, verbal agreements are just as binding as written ones. Not that that matters either, because there is in fact a written agreement, the NDA for multihunterdom is printed and mailed or faxed back.

I'm not sure if you could be more wrong if you tried.

Once again talking out of your proverbial about something you know nothing about.

There may well be a written agreement, I was never sent one, nor was I ever required to sign it.

I asked specifically at the time I joined the "team" if they were going to send it to me, so I could sign it and agree to it, Ace replied that it was not a requirement, and that only senior admin staff and employees were obliged to sign it.

What the situation is now, I have no idea, but that is how it was.
__________________
Spinner: Kudos to Judge for having big cohones!
Judge is offline   Reply With Quote
Unread 29 Aug 2011, 15:28   #31
Mzyxptlk
mz.
Alien Invasion Champion, Submarine Champion, Tiger Punch Champion, Barts Watersports Adventure Champion
 
Join Date: Aug 2005
Posts: 8,587
Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.Mzyxptlk has ascended to a higher existance and no longer needs rep points to prove the size of his e-penis.
Re: Secrurity Risk

Ah yes, complaining about how things used to be. Very helpful. For someone who admits he has "no idea", you seem awfully eager to tell me I know nothing about it.

I am amused.
__________________
The outraged poets threw sticks and rocks over the side of the bridge. They were all missing Mary and he felt a contented smug feeling wash over him. He would have given them a coy little wave if the roof hadn't collapsed just then. Mary then found himself in the middle of an understandably shocked family's kitchen table. So he gave them the coy little wave and realized it probably would have been more effective if he hadn't been lying on their turkey.
Mzyxptlk is offline   Reply With Quote
Unread 29 Aug 2011, 15:30   #32
Judge
Doh!
 
Judge's Avatar
 
Join Date: Apr 2001
Location: Nemo Mortalium Omnibus Horis Sapit
Posts: 1,720
Judge is infamous around these parts
Re: Secrurity Risk

Quote:
We care about protecting your privacy, and with the exception of the uses specified above, we will not sell, transfer, rent out, share or disclose your personally identifiable information to other companies.
As I am not an employee of Jagex there Policy is of little interest to me, had I chosen too (and I wont confirm one way or another) I could have garnered that information and sold it to anyone who was interested, or just publish it for the hell of it.

Either way there would be little Jagex or anyone else could do about it, or too me.
__________________
Spinner: Kudos to Judge for having big cohones!
Judge is offline   Reply With Quote
Unread 29 Aug 2011, 15:48   #33
Kargool
Up The Hatters!
 
Kargool's Avatar
 
Join Date: Nov 2004
Location: Kenilworth Road
Posts: 3,012
Kargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet society
Re: Secrurity Risk

Quote:
Originally Posted by Judge View Post
As I am not an employee of Jagex there Policy is of little interest to me, had I chosen too (and I wont confirm one way or another) I could have garnered that information and sold it to anyone who was interested, or just publish it for the hell of it.

Either way there would be little Jagex or anyone else could do about it, or too me.
And my cock is effing huge.

Put up or shut up.
__________________
Planetarion veteran
Kargool is offline   Reply With Quote
Unread 29 Aug 2011, 18:47   #34
Judge
Doh!
 
Judge's Avatar
 
Join Date: Apr 2001
Location: Nemo Mortalium Omnibus Horis Sapit
Posts: 1,720
Judge is infamous around these parts
Re: Secrurity Risk

Quote:
Originally Posted by Kargool View Post
And my cock is effing huge.

Put up or shut up.

A typical response from the "Village Idiot"
__________________
Spinner: Kudos to Judge for having big cohones!
Judge is offline   Reply With Quote
Unread 29 Aug 2011, 19:40   #35
Kargool
Up The Hatters!
 
Kargool's Avatar
 
Join Date: Nov 2004
Location: Kenilworth Road
Posts: 3,012
Kargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet societyKargool is a pillar of this Internet society
Re: Secrurity Risk

No, a typical response from the village idiot would be to make veiled threats about disclosing everyones private information, or to make himself look more important than he actually is.
__________________
Planetarion veteran
Kargool is offline   Reply With Quote
Reply


Thread Tools
Display Modes

Forum Jump


All times are GMT +1. The time now is 13:24.


Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2002 - 2018