To those who are still receiving the emails about someone trying to access your account, PLEASE, PLEASE, go to Google play and download the free app Network Info II. Once you launch it touch IP at the top of the screen and it will obtain your external IP address . This is the IP address used by your internet service provider. You will most likely find that this is the same IP address trying to access your account.
That post was directed at djb28, as he posted his IP too (although I edited it out).
Did you PM the IP from your email to one of the other moderators to check? I didn't get it and don't see any reports from you.
You are correct. The pathetic "whoops, we're idiots" apology isn't enough! Thanks for giving the spammers my email address. Do you have 2-factor auththentication? Do you have a "strength meter" on your passwords? If Bank of America or American-Express had done this...do you think "whoops" would be enough?! Stop thinking your site is safe. Get professionals to audit your system, and stop the "once I get in the front door, I can do anything" mentality you run your site with.Oh damn how much I hate you guys now.
I only registered on these forums because of your "greed" policies - hiding info and download links from unregistered users.
Not only do you lock up information posted on your forums (kudos to the android openness spirit), you also don't bother patching the forums against knows exploits.
But hey, thank you for leaking my info to spammers / thiefs. Luckily I use separate passwords for public forums and my main sensitive accounts.
And I find out about this from major news sites? I guess you didn't bother sending a mass email to your user list either.
Lesson of the day - don't make people register if you are amateurs in security.
You are correct. The pathetic "whoops, we're idiots" apology isn't enough! Thanks for giving the spammers my email address. Do you have 2-factor auththentication? Do you have a "strength meter" on your passwords? If Bank of America or American-Express had done this...do you think "whoops" would be enough?! Stop thinking your site is safe. Get professionals to audit your system, and stop the "once I get in the front door, I can do anything" mentality you run your site with.
There's no such thing as an impervious system - we get the site for free and you get all ungrateful about just how quickly they turned this thing around?
Stop whining and be thankful the admins worked as diligently as they did. My hats off to Phases and his team for an excellent job well done.
No, it wasn't me, and no I'm not mad at anyone here. :smokingsomb:
Meanwhile, I just got a screen obscuring "phandroid" ad, the content being (copy/paste quote):
]o 0 ' ?xL"W + 8 Mi @ v1 5N Ab N U b\ C s $ I U t B) " $ N1 Xn ] E%K Sh @ lt I^ ; 3 VL w! ⑇ 1 ؉ Se
There's no such thing as an impervious system - we get the site for free and you get all ungrateful about just how quickly they turned this thing around?
Somewhat correct.
The fallacy in your logic though, is that the breach was through a "known exploit". That's an administrative failure, plain and simple. You patch a known exploit before it is used, and not put it off until damage is done. Site administrators should be checking daily for patches and issuing those patches immediately.
Phases said:- The exploit used has been identified and resolved.
The fallacy in your logic though, is that the breach was through a "known exploit". That's an administrative failure, plain and simple. You patch a known exploit before it is used, and not put it off until damage is done. Site administrators should be checking daily for patches and issuing those patches immediately.
After the breach, the administrators should have notified every registered user immediately. Not to do so is irresponsible and lazy.
Phases said:- The exploit used has been identified and resolved. The server has been further hardened and extra "just in case" actions have been taken.. and will continue to be taken.
Phases did not mention any kind of previously known exploit. What he did say was that the exploit had been identified after the fact.
The original post has been edited. At one point it specifically stated "unknown intruders using a known exploit". Believe who you will, but the original statement has been posted around the Web.Where did you get that it was a "known exploit"? All I have seen said that they know how it was done, and remidied that exploit immediately.
From the OP:
Where did you get that it was a "known exploit"? All I have seen said that they know how it was done, and remidied that exploit immediately.
From the OP:
A press release on slashdot.org said it was a known exploit:
"Phandroid's AndroidForums.com has been hacked. The database that powers the site was compromised and more than one million user account details were stolen. If you use the forum, make sure to change your password ASAP. From the article: 'Phandroid has revealed that its Android Forums website was hacked this week using a known exploit. The data that was accessed includes usernames, e-mail addresses, hashed passwords, registration IP addresses, and other less-critical forum-related information. At the time of writing, the forum listed 1,034,235 members.'"
The original post has been edited. At one point it specifically stated "unknown intruders using a known exploit". Believe who you will, but the original statement has been posted around the Web.
But please, lets not misrepresent the situation by believing a third hand account of the problem rather than the quote from the site's administrator.
We've been tracking upcoming products and ranking the best tech since 2007. Thanks for trusting our opinion: we get rewarded through affiliate links that earn us a commission and we invite you to learn more about us.