AndyJ
-
Posts
2 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Hotfixes
Everything posted by AndyJ
-
Just because I'm dumb, how exactly is HG to blame? HG Policies state that if you are able to contact and verify from your primary email, they will give you the information you request. So, Assuming that the email was hacked (which it was since the twitter was comp'd too), then the security problem falls on the comp'd email account. Which I will guess (purely guess) was based on an unsecure cpanel server. The logic that HG replying to a verfied owners email is like saying, its twitters fault that the forgot password button sent back the twitter password too. Don't shift blame. It was a mistake, the email got comp'd, it caused the problems all the way down the food chain. It sucks, its causing horrible problems, lots of legal issues involved, but at the end of the day. the email got comp'd. Done and Done. In the future matt needs to not use his famous whmcs email for all his secure accounts. I'm not mad at HG for releasing the data, at twitter for having a forgot password button, and i'm not mad at matt for the hack. Its a good learning lesson for all, so many people use easy emails for all their secure stuff, and a simple hack of email can give someone access to your life.
-
I don't doubt the hacks valid, however i find it suspect that the next target was "papajohns". Seems more like a scare tactic than anything else. On my own personal note however, I am very disappointed in the poor security practices of WHMCS. For example, Some of the posts were blaming HG for the link, while now that is possible, why is he using an email account that he uses for everything for a secure system like that. That's like using your public email for your bank account, what do you think happens when you hit "forgot my password". On top of that, to ignore usual security flaws in a server is just stupid. Assuming they never bothered, WHMCS could have asked the HG Security team for advise. Sorry, I just hate it when people blame others for their mistakes. Grow up, Take responsibility and resolve it. We can forgive a mistake as long as it doesn't happen again. And if you need help, ask, you have a huge community of people, some of which have college degrees and hundreds of years (plus/minus a few years of exaggeration) of security training and experience.