Sythe     Register     FAQ     Members List     Calendar     Mark Forums Read    
 
Sythe  
  
The Problem With Hackings - And The Solution
 
 
LinkBack Thread Tools Display Modes
  #1  
Old 04-24-2012, 06:43 AM
R2Pleasent's Avatar
The GP King
$25 USD Donor Highly Trusted Retired Global Moderator Sythe Verified User
 
Join Date: Feb 2007
Location: Canada!
Referrals: 95
Posts: 9,471
Send a message via Skype™ to R2Pleasent
 
Two Factor Authentication User Member of the Month winner
Default The Problem With Hackings - And The Solution

Right now, there are some major problems with the way MSN hackings are going. Basically, the hacker has incentive to trade himself with the msn accounts, and stage trades. By doing so, the hacker creates fake scam reports which the victim must repay in order to return on Sythe.org. These hackers know that most victims run healthy businesses and will likely repay the losses to return to trading.

This is a major problem. Let's say I am hacked, and the guy who takes my MSN goes and stages a 10B trade. He takes the screenshots of the fake trade, stages an MSN convo, and uploads the proof. I am basically shit out of luck, and I have to repay the hacker, even though nobody was scammed. Theoretically, this could continue up to an infinite amount.

My proposal is to make a cap of what a trader is liable to repay on their MSN without a Sythe PM. I'd say anyone trading billions at a time should be asking for a PM anyways. This exempts smaller trades, and really only affects the bigger players.

Basically, traders should not be liable for anything beyond $1,000 per trade on MSN done without a Sythe PM. This rule should be heavily advertised to ensure people understand. Any abuse of this rule should be closely investigated, and all scam reports should be looked at and examined for fake hackings, etc. (saying you're hacked when you're not, to get away with a scam). However, I think this recent flow of hacking has shown us that the system is too easily abused by the hackers.
__________________





Copy this message to clipboard
  #2  
Old 04-24-2012, 06:48 AM
Attend 500M Daily Drops, join #Smokin_Dice
 
Join Date: Jan 2011
Location: Bundaberg,QLD,Aus
Referrals: 5
Posts: 3,800
Send a message via MSN to stui Send a message via Skype™ to stui
 
Default Re: The Problem With Hackings - And The Solution

Probably a suggestion more than feedback, but yes i do agree, i pretty much always get a pm when trading, unless its with friends but even then i would probably get a pm if it was over $100 or something like that
Copy this message to clipboard
  #3  
Old 04-24-2012, 07:21 AM
Owner of RSUltimate.com #1 Runescape Gold Site
Grave Donor Sythe Verified User
 
Join Date: Jul 2008
Location: -97.519,35.4715
Referrals: 142
Posts: 4,497
 

Default Re: The Problem With Hackings - And The Solution

The problem is, if people readily trade without private messages, a fake sphere of trust is created for buyers. For example, if someone purchases billions of gold from me, and I never require a private message, he might not ask for a private message every time we trade. Therefore, if I get hacked, he may proceed to trade with the hacker.

I understand the issue behind the hackings, but we need to find a better solution than not finding the person hacked liable for trades above a certain amount.


Maybe have people meet certain guidelines to be covered under this new policy? For example, you must require private messages to complete any trades above X amount, display that you require private messages in your signature, and so on. If we create a certain standard that has to be met by sellers, we can offer them additional protection. This is much more fair and protects both buyers and sellers.
__________________
Copy this message to clipboard
  #4  
Old 04-24-2012, 08:28 AM
Brendan's Avatar
Sky High
$50 USD Donor Sythe Verified User
 
Join Date: Sep 2009
Location: Australia
Referrals: 4
Posts: 5,777
Send a message via Skype™ to Brendan
 
MushyMuncher Sythe Awards 2012 Winner
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by R2Pleasent View Post
Basically, the hacker has incentive to trade himself with the msn accounts, and stage trades. By doing so, the hacker creates fake scam reports which the victim must repay in order to return on Sythe.org. These hackers know that most victims run healthy businesses and will likely repay the losses to return to trading.
Is this really happening? Is their any proof to back this?

Regardless, I do agree with your suggestion to an extent. There have been suggestions in the past which have asked the staff to require PM's for trades, but they've never gone through because the staff don't really want to babysit these situations and seem like they're, I dunno, being too strict.

Your suggestion does remove those two factors, because these hacking incidents don't occur very often, and it makes sense to get a Private Message for a trade, especially of that caliber.

The only downside I can see, is if a Gold Seller is corrupt and has a legitimate buyer come forward ready to purchase an amount of gold which puts them under these guidelines, and the seller scams, doesn't that mean if they claim they were hacked, nothing can happen?
__________________
Former Moderator|Ex User Educator|Click me for over 120 Vouches
Jack Goffs Bitch|Ex - Community Development Member
Skype: Brendan.sythe
Copy this message to clipboard
  #5  
Old 04-24-2012, 08:32 AM
video's Avatar
Looking for user title suggestions, pm me
$5 USD Donor Competition Winner Retired Global Moderator
 
Join Date: Dec 2007
Location: Only in your mind
Referrals: 37
Posts: 8,006
 
Two Factor Authentication User Gohan has AIDS Homosex
Default Re: The Problem With Hackings - And The Solution

When my msn was hacked, my hacker used it exclusively to stage trades with his friends and himself. I had 5 reports of 10b in scams, thankfully mods saw through them and I didn't pay him a penny. I'd be willing to bet that no one has actually gotten away with a fake scam for any really large amount of money, there are a lot of ways to determine of proofs are fake or not, if trades are staged, etc.

Capping the limit on liability is also really unfair to people who are scammed for a large amount (see 6.2B from recent arcus assistant msn hacking) and only get somewhat compensated. If people used @hush emails this wouldn't be an issue anyway
__________________

UNDER NO CIRCUMSTANCES SHOULD YOU TRADE ME WITHOUT A PM

Vouches: http://www.sythe.org/vouches-forum/7...s-vouches.html


List of sythe users I think are totally kickass

Raptor lx, Time to buy, Elena, Frenzy, IDB, Roary, isuckathalo1, Naturebuilder, questguy, Pockets
Copy this message to clipboard
  #6  
Old 04-24-2012, 09:47 AM
Untired, we stand. Exhausted, we fall.
Retired Sectional Moderator Sythe Verified User $25 USD Donor New
 
Join Date: May 2009
Referrals: 2
Posts: 2,520
Send a message via Skype™ to Wolfdog
 
Extreme Homosex Homosex
Default Re: The Problem With Hackings - And The Solution

This is a problem, but I don't think your proposed solution is the answer. One reason, while I'm sure the number was one you just threw out there, is that a lot of people never buy more than 1-2b at a time (which is less than $1000.00) rendering the price limit worthless.


Ill think about it some more, add some stuff tomorrow.
__________________
If you need help with something, please feel free to PM me. If I haven't responded within a day or two, feel free to add my Skype.


20k Plus <3
Copy this message to clipboard
  #7  
Old 04-24-2012, 03:49 PM
Notorious Sythe Drunkard
 
Join Date: Nov 2008
Location: Smokin Loud
Referrals: 12
Posts: 13,644
Send a message via MSN to djweasel Send a message via Skype™ to djweasel
 
Default Re: The Problem With Hackings - And The Solution

This happened to me a few years ago Brandon and harped faked a trade. I always thought that it's crazy and that's why I require a pm.
Copy this message to clipboard
  #8  
Old 04-24-2012, 05:17 PM
Legend
 
Join Date: Jan 2007
Referrals: 28
Posts: 12,656
 
Member of the Month winner
Default Re: The Problem With Hackings - And The Solution

Nate has essentially the same suggest awhile ago. And oh, its per trade. The scam artists would just scam $900 each time and have to get paid back.
__________________
I do not MM or trade anything.
Anyone claiming to be me in a trade or MM is an imposter.

LTY1DzST8DUxAMN8KLpKhG88vx4uNQpX4a
1NpgTisxVB5HKRVtTAtRmQJr6iRGrBXwUj

Last edited by SuF : 04-24-2012 at 05:18 PM.
Copy this message to clipboard
  #9  
Old 04-24-2012, 05:32 PM
Hero
KerokeroCola Donor Retired Global Moderator
 
Join Date: Aug 2010
Location: Alaska
Referrals: 12
Posts: 8,251
 
Default Re: The Problem With Hackings - And The Solution

I like R2P's idea, but I don't think it covers the inherent problem. There is far too much wrong with MSN. Since I left the SL, I don't know how progress is on the new VB update, but maybe it can include a site-wide IM system that should hopefully rule all but actual scammers from causing damage? The simple fact is that, with MSN or Skype or any third party system, we are basically letting that company's security dictate the security of our own trades. (For that matter, I don't think switching to Skype all-out would help much. Yes, there are less Skype hacks, but that's just because there are less Skype accounts and less incentive to attack Skype's security measures. If we do a full-fledged shift, the hackers will merely try new methods on Skype instead.)

Last edited by KerokeroCola : 04-24-2012 at 09:08 PM.
Copy this message to clipboard
  #10  
Old 04-24-2012, 05:39 PM
Emperor_Nero's Avatar
Hero
$5 USD Donor New
 
Join Date: Jun 2010
Referrals: 1
Posts: 6,691
 
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by KerokeroCola View Post
Just to clear this up: @hush.com is just as insecure as @live.com. I never really understood this fad. Just because you can't hack the actual email doesn't mean you can't hack the Windows Live passport of the account, which has the same recovery system as any @live.com email would. Both of them are susceptible to the same exploits.

I like R2P's idea, but I don't think it covers the inherent problem. There is far too much wrong with MSN. Since I left the SL, I don't know how progress is on the new VB update, but maybe it can include a site-wide IM system that should hopefully rule all but actual scammers from causing damage? The simple fact is that, with MSN or Skype or any third party system, we are basically letting that company's security dictate the security of our own trades. (For that matter, I don't think switching to Skype all-out would help much. Yes, there are less Skype hacks, but that's just because there are less Skype accounts and less incentive to attack Skype's security measures. If we do a full-fledged shift, the hackers will merely try new methods on Skype instead.)
Kero has a very valid point here. No matter what we do as long as there isn't a built in IM system for sythe we will always be at the mercy of a 3rd party system. A built in IM system could clear up a lot of these problems. You could only support refunds for trades that were logged in Sythe's IM system. It would make proof gathering somewhat easier, also. There will always be hackers trying to figure out exploits for whatever is mot profitable.
__________________

Some can gaze and not be sick,
But I could never learn the trick.
There's this to say for blood and breath,
They give a man a taste for death.


Subnormal nonentity
Copy this message to clipboard
  #11  
Old 04-24-2012, 07:40 PM
video's Avatar
Looking for user title suggestions, pm me
$5 USD Donor Competition Winner Retired Global Moderator
 
Join Date: Dec 2007
Location: Only in your mind
Referrals: 37
Posts: 8,006
 
Two Factor Authentication User Gohan has AIDS Homosex
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by KerokeroCola View Post
Just to clear this up: @hush.com is just as insecure as @live.com. I never really understood this fad. Just because you can't hack the actual email doesn't mean you can't hack the Windows Live passport of the account, which has the same recovery system as any @live.com email would. Both of them are susceptible to the same exploits.
Let's take a look at which emails were hacked and which ones weren't:

Hacked:

HJQ, hotmail
Kevin001, hotmail
Arcus Isidar assistant, hotmail
pockets, live
benda, live
kmjt, live
just_un_dude, hotmail

Not hacked:

Viou, hush
Arcus, hush
Video, hush
n4n0, hush
punkerpunk, hush

Do you think this is just coincidence? Hotmail/live is significantly much less secure than hush. If you go around spreading this misinformation, you're gonna get people who register for hotmail instead of hush because they think it's just as secure. It's not, what you're doing is extremely counter-productive and I recommend you edit/delete your post
__________________

UNDER NO CIRCUMSTANCES SHOULD YOU TRADE ME WITHOUT A PM

Vouches: http://www.sythe.org/vouches-forum/7...s-vouches.html


List of sythe users I think are totally kickass

Raptor lx, Time to buy, Elena, Frenzy, IDB, Roary, isuckathalo1, Naturebuilder, questguy, Pockets

Last edited by video : 04-24-2012 at 07:43 PM.
Copy this message to clipboard
  #12  
Old 04-24-2012, 07:49 PM
Untired, we stand. Exhausted, we fall.
Retired Sectional Moderator Sythe Verified User $25 USD Donor New
 
Join Date: May 2009
Referrals: 2
Posts: 2,520
Send a message via Skype™ to Wolfdog
 
Extreme Homosex Homosex
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by video View Post
Let's take a look at which emails were hacked and which ones weren't:

Hacked:

HJQ, hotmail
Kevin001, hotmail
Arcus Isidar assistant, hotmail
pockets, live
benda, live
kmjt, live
just_un_dude, hotmail

Not hacked:

Viou, hush
Arcus, hush
Video, hush
n4n0, hush
punkerpunk, hush

Do you think this is just coincidence? Hotmail/live is significantly much less secure than hush. If you go around spreading this misinformation, you're gonna get people who register for hotmail instead of hush because they think it's just as secure. It's not, what you're doing is extremely counter-productive and I recommend you edit/delete your post
Truth is, you should be using hush. Whether or not you have to have the .live passport connected, as long as you have the @hush its unlikely that anyone will be able gain access to it.
__________________
If you need help with something, please feel free to PM me. If I haven't responded within a day or two, feel free to add my Skype.


20k Plus <3
Copy this message to clipboard
  #13  
Old 04-24-2012, 08:30 PM
Member
 
Join Date: Apr 2012
Location: Pig Farts
Posts: 66
 
Default Re: The Problem With Hackings - And The Solution

truth is, if u trade with someone only via msn, u got banned on sythe or ur a retard, seeing ppl get scammed by imposters makes me laugh, if u dont take percautiosn in a trade, ur a dumb ass and deserve to be banned. half ppl on here dont understand that, then expect the mods and the scammer to repay them? lol...
Copy this message to clipboard
  #14  
Old 04-24-2012, 08:32 PM
RuneScapeJJ's Avatar
Guru
$25 USD Donor New
 
Join Date: Aug 2011
Location: The Netherlands
Referrals: 1
Posts: 1,522
Send a message via MSN to RuneScapeJJ
 
Potamus
Default Re: The Problem With Hackings - And The Solution

After thinking of some positive and negative sides of this new rule I believe that this rule should indeed be implement. However, some people just trust people straight away when they see someone has 1000+ Vouches and traded over 100B. Some people just don't PM because they trust somebody straight away, and they could be a victim of this new rule.

However, most of the times the big traders will be the victim because of people potentially staging trades - which results in the big traders paying them the "lost" money.

Overall I support this idea. But, it should be "advertised" over the forum to avoid some people potentially losing money because they didn't send a PM when the trade was actually legitimate.
__________________
Always ask for a PM when trading with me!
70+ Vouches here
Senior SRL Member, Scipt Writer at various other bots such as TRiBot, Powerbot, etc.

Copy this message to clipboard
  #15  
Old 04-24-2012, 09:11 PM
Hero
KerokeroCola Donor Retired Global Moderator
 
Join Date: Aug 2010
Location: Alaska
Referrals: 12
Posts: 8,251
 
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by video View Post
Let's take a look at which emails were hacked and which ones weren't:

Hacked:

HJQ, hotmail
Kevin001, hotmail
Arcus Isidar assistant, hotmail
pockets, live
benda, live
kmjt, live
just_un_dude, hotmail

Not hacked:

Viou, hush
Arcus, hush
Video, hush
n4n0, hush
punkerpunk, hush

Do you think this is just coincidence? Hotmail/live is significantly much less secure than hush. If you go around spreading this misinformation, you're gonna get people who register for hotmail instead of hush because they think it's just as secure. It's not, what you're doing is extremely counter-productive and I recommend you edit/delete your post
Very well, your rather indignant majesty.

For the record, @hush.com have been hacked in the past by abusing the passport side of the account. I'm obviously not familiar with this particular abuse of Windows Live, but what I said was grounded on thousands of hours of experience with Sythe. Hacking methods change, and apparently the newest one somehow didn't work for Hush, which is fortunate indeed.
Copy this message to clipboard
  #16  
Old 04-24-2012, 09:31 PM
Active Member
 
Join Date: Oct 2011
Posts: 202
 
Default Re: The Problem With Hackings - And The Solution

here im going to tell you guys straight up, every email account can be hacked, there is no method, the reason most people dont do it here is cause they move on to bigger things with there own site charging people money to get a email they want. I got this from my boi, since he does this in russia trust
Copy this message to clipboard
  #17  
Old 04-25-2012, 05:46 PM
darkorb223's Avatar
Guru
$50 USD Donor New
 
Join Date: Apr 2012
Posts: 1,107
Send a message via MSN to darkorb223 Send a message via Skype™ to darkorb223
 
Default Re: The Problem With Hackings - And The Solution

yeah i think if you're working with that much money you would ask for a pm and be very careful. $500 is a lot to me let alone $1000 or 10B. better safe than sorry.
__________________
Skype-CokuSythe [email protected]
Copy this message to clipboard
  #18  
Old 04-25-2012, 08:10 PM
freakyhair's Avatar
Guru
$50 USD Donor New
 
Join Date: May 2011
Posts: 1,295
Send a message via MSN to freakyhair Send a message via Skype™ to freakyhair
 
Default Re: The Problem With Hackings - And The Solution

Quote:
Originally Posted by video View Post
Let's take a look at which emails were hacked and which ones weren't:

Hacked:

HJQ, hotmail
Kevin001, hotmail
Arcus Isidar assistant, hotmail
pockets, live
benda, live
kmjt, live
just_un_dude, hotmail

Not hacked:

Viou, hush
Arcus, hush
Video, hush
n4n0, hush
punkerpunk, hush

Do you think this is just coincidence? Hotmail/live is significantly much less secure than hush. If you go around spreading this misinformation, you're gonna get people who register for hotmail instead of hush because they think it's just as secure. It's not, what you're doing is extremely counter-productive and I recommend you edit/delete your post
What kero said is true. It's the whole passport for Msn that's hacked. The reason I think none of those people using hush got hacked is because people like you think that Hush is just as secure as hotmail, and thus they target the hotmail accounts because they know that they are insecure.

OT: To be honest, I think if people's msn's are hacked, and people scam, then the persons whos msn is hacked should NOT have to repay the person back. This is because 3rd party software such as MSN has nothing to do with Sythe, it's only a means of communication. People should always ask for a PM, and those who don't should learn from this situation.
I do agree then that there should be a cap. From this it would protect the big bulk buyers, and also it would make it much easier to see whether scam reports are legit.
Copy this message to clipboard
  #19  
Old 04-25-2012, 08:41 PM
The Big Cheese
 
Join Date: Aug 2011
Location: Texas
Posts: 406
Send a message via MSN to Elite Cbr Send a message via Skype™ to Elite Cbr
 
Default Re: The Problem With Hackings - And The Solution

R2p, this would work for you.

If someone is very concerned about validating your identity, then chat with them on your live chat on your gold website.

Last edited by Elite Cbr : 04-25-2012 at 08:41 PM.
Copy this message to clipboard
  #20  
Old 04-25-2012, 09:22 PM
FireZ's Avatar
BRZ Club Member (2014)
FireZ Donor Crabby
 
Join Date: Dec 2009
Location: Unloading 53' semi trailers
Referrals: 19
Posts: 24,721
 
Detective Christmas 2013 Spyro Gohan has AIDS St. Patrick's Day 2013 Top Striker Halloween 2013 St. Patrick's Day 2014 Pizza Muncher OG Club
420 yolo swag blaze it fuck the popo legalize it anyone got some chips Candy Man Sythe Awards 2013 Winner
Default Re: The Problem With Hackings - And The Solution

No caps will be made as this doesn't solve anything in the end.
__________________

The chosen website for Runescape's biggest gamblers!

Always Get a PM!
I accept Ikov GP and Bitcoin ONLY!
Copy this message to clipboard
 



 wow gold

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off

All times are GMT +1. The time now is 04:26 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.1