Important Notice - Security Breach

[Unforgiven]

They are salted as well. This was mentioned by the forum admin earlier in the thread so I am just repeating what he said as I really don't know what that means.

Seems like peanuts to me.

 

[Xyro]

I'm interested in whether the password hashes were salted. I'll feel better knowing they were salted.

They were salted, yes.

 

[TVictory]

They were salted, yes.

Thanks for hitting up the reddit thread in /r/android.

 

[Xyro]

Thanks for hitting up the reddit thread in /r/android.

No problem

I probably should have thought to post it there when I found /r/android a few days ago.

 

[Blacklight82]

Changed my password but someone tried 50 times (got 10 emails) to get into my account. Pathetic punk.

 

[Unforgiven]

Changed my password but someone tried 50 times (got 10 emails) to get into my account. Pathetic punk.

Check your phone for any apps that connect to the forum (Tapatalk, Forum Runner, or the official AF app) as they will keep polling the site under your old credentials. Log out of those apps and log back in with your new password.

 

[Xyro]

Changed my password but someone tried 50 times (got 10 emails) to get into my account. Pathetic punk.

If you want to send us the IP from the emails, we'll be able to compare them to the IPs you've used to visit the site previously.

Please send it via PM or by reporting your post though - it's highly likely that it's your own IP as Unforgiven explained.

 

[Blacklight82]

Check your phone for any apps that connect to the forum (Tapatalk, Forum Runner, or the official AF app) as they will keep polling the site under your old credentials. Log out of those apps and log back in with your new password.

If you want to send us the IP from the emails, we'll be able to compare them to the IPs you've used to visit the site previously.

Please send it via PM or by reporting your post though - it's highly likely that it's your own IP as Unforgiven explained.

Done and done.

 

[wly]

If you guys really cared about security of your users, you would send out a mass email to every user with the information you provided in this post.

I don't log in often and found out about this from slashdot.

 

[droidsix]

If you guys really cared about security of your users, you would send out a mass email to every user with the information you provided in this post.

I don't log in often and found out about this from slashdot.

Whoa! Take it easy...

You obviously have no clue just how challenging it is to recover from a breach like this.

They did an excellent job of getting this under control.

 

[Rootmepls]

Saw the news on Slashdot and came right over. Gave me time to change my sig on this site. Luckily I'm one of those people that uses a different password on every site so no worries.

Keep up the good work!

 

[djb28]

Thanks for the warning and the info. The time spent to help us understand the threat and the possibilities is terrific. On the other hand. Although I have changed password, I am still getting an email box full of attempt emails even still at 1 AM. Friday. Someone is still trying to access.

 

[djb28]

I dont know if it helps. But the person who attempted to log in to my account has tried 18 times so far tonight. Each and every email says the same IP address from them. [Hidden]

 

[Xyro]

I dont know if it helps. But the person who attempted to log in to my account has tried 18 times so far tonight. Each and every email says the same IP address from them.

That IP comes within a range of myvzw (Verizon, I believe) addresses that you have regularly used to post here.

Please check update your outdated password on all of your forum related apps, even if you don't think they're the culprit, and let us know if they stop.

 

[DenverRalphy]

If you guys really cared about security of your users, you would send out a mass email to every user with the information you provided in this post.

I don't log in often and found out about this from slashdot.

QFT. If I hadn't been reading Slashdot, it would have been a while before I learned about it. A mass email takes only a few moments to send out.

 

[DMC-12]

A "solution" shouldn't have been needed. This type of thing should not have happened in the first place.

^^This! Agreed. :-/

 

[xploited]

Oh damn how much I hate you guys now.

I only registered on these forums because of your "greed" policies - hiding info and download links from unregistered users.

Not only do you lock up information posted on your forums (kudos to the android openness spirit), you also don't bother patching the forums against knows exploits.

But hey, thank you for leaking my info to spammers / thiefs. Luckily I use separate passwords for public forums and my main sensitive accounts.

And I find out about this from major news sites? I guess you didn't bother sending a mass email to your user list either.

Lesson of the day - don't make people register if you are amateurs in security.

 

[El Presidente]

I'm sorry you feel that way, it obviously wasn't intentional and the admin and devs have done all they can to be as transparent as possible about what went on and what they've done to resolve.

Fwiw, we're not the only site (Android or otherwise) that requires registration to view download links, it's not that uncommon. Likewise, we're not the only high profile site/organisation to be a victim of something like this and we most certainly won't be the last. As above, Phases and the rest of the team have done all they can to ensure everyone is fully informed of what went on and what they're doing to ensure something like this doesn't happen again.

 

[Crashumbc]

Personally, I think you should ban the idiots posting stupid crap. like the few above me.

They

A. HAVE NO UNDERSTANDING computer security. It's like saying anyone that's ever had their car broken into, is at fault. You can lock your, use security system, park in "safe" areas. It CAN still happen.

B. Probably have been violated on a dozen forums, they just never knew because, most admins don't have balls to do the responsible thing and notify their user base. (much less offer a detailed explanation)

Again, phases and others, you have my heart felt thanks for doing the right thing. I feel bad for the crap your getting.

 

[jbenham]

Done and done.

And done. Had 12 attempts on my account last night.

 

[jbenham]

Done and done.

That IP comes within a range of myvzw (Verizon, I believe) addresses that you have regularly used to post here.

Please check update your outdated password on all of your forum related apps, even if you don't think they're the culprit, and let us know if they stop.

I do not have Verizon or any other cell phone service.

 

[Xyro]

I do not have Verizon or any other cell phone service.

That post was directed at djb28, as he posted his IP too (although I edited it out).

Did you PM the IP from your email to one of the other moderators to check? I didn't get it and don't see any reports from you.

 

[Pitamakan]

I have to agree that AF's public response to this was woefully inadequate. In order for people to hear about the breach -- and the need to change their password -- they've either needed to be regular visitors to the site, or regular readers of some of the tech sites. People who aren't in one of those categories are still unaware that they have a possibly-hacked password.

AF has roughly a million registered user accounts at this point, and I think it's very safe to say that the strong majority of those accounts are currently inactive. That means that there are almost certainly several hundred thousand people out there who need to change their online passwords, but still haven't been notified of that yet.

A mass e-mail is the only responsible action when something like this happens.

 

[mamawm]

To those who are still receiving the emails about someone trying to access your account, PLEASE, PLEASE, go to Google play and download the free app Network Info II. Once you launch it touch IP at the top of the screen and it will obtain your external IP address . This is the IP address used by your internet service provider. You will most likely find that this is the same IP address trying to access your account.

 

[godsdragon]

You guys and gals are doing a great job! and for that, I am grateful!

You rock!!!