The Problem With Hackings - And The Solution

Discussion in 'Archives' started by R2Pleasent, Apr 24, 2012.

Thread Status:
Not open for further replies.
The Problem With Hackings - And The Solution
  1. Unread Apr 24, 2012 at 1:43 AM
  2. Joined:
    Feb 1, 2007
    Posts:
    11,474
    Referrals:
    0
    Location:
    Canada!
    Two Factor Authentication User Verified Challenger Sythe's 10th Anniversary Sythe Prizebox Member of the Month winner
    R2Pleasent

    R2Pleasent The GP King
    Highly Trusted Retired Global Moderator $25 USD Donor

    The Problem With Hackings - And The Solution

    Right now, there are some major problems with the way MSN hackings are going. Basically, the hacker has incentive to trade himself with the msn accounts, and stage trades. By doing so, the hacker creates fake scam reports which the victim must repay in order to return on Sythe.org. These hackers know that most victims run healthy businesses and will likely repay the losses to return to trading.

    This is a major problem. Let's say I am hacked, and the guy who takes my MSN goes and stages a 10B trade. He takes the screenshots of the fake trade, stages an MSN convo, and uploads the proof. I am basically shit out of luck, and I have to repay the hacker, even though nobody was scammed. Theoretically, this could continue up to an infinite amount.

    My proposal is to make a cap of what a trader is liable to repay on their MSN without a Sythe PM. I'd say anyone trading billions at a time should be asking for a PM anyways. This exempts smaller trades, and really only affects the bigger players.

    Basically, traders should not be liable for anything beyond $1,000 per trade on MSN done without a Sythe PM. This rule should be heavily advertised to ensure people understand. Any abuse of this rule should be closely investigated, and all scam reports should be looked at and examined for fake hackings, etc. (saying you're hacked when you're not, to get away with a scam). However, I think this recent flow of hacking has shown us that the system is too easily abused by the hackers.
     
  3. Unread Apr 24, 2012 at 1:48 AM
  4. Joined:
    Jan 15, 2011
    Posts:
    3,736
    Referrals:
    0
    Location:
    Bundaberg,QLD,Aus
    stui

    stui Attend 500M Daily Drops, join #Smokin_Dice
    Banned

    The Problem With Hackings - And The Solution

    Probably a suggestion more than feedback, but yes i do agree, i pretty much always get a pm when trading, unless its with friends but even then i would probably get a pm if it was over $100 or something like that
     
  5. Unread Apr 24, 2012 at 2:21 AM
  6. Joined:
    Jul 12, 2008
    Posts:
    4,604
    Referrals:
    0
    Location:
    -97.519,35.4715
    Green Finger Gohan has AIDS (5) The Mortyest Morty Mr. Peanutbutter Wubba Lubba Dub Dub (2) Penguin 420 yolo swag blaze it fuck the popo legalize it anyone got some chips Bojack Pokémon Trainer Candy Man
    Smashing Cool Kid Shitting Rainbow Rupee Not sure if srs or just newfag... Village Drunk TOKI! AM'S YOU WEARINGS MY PANTS? Wait, do you not have an Archer rank? Lumpy Space Princess (2) Le Monkey
    MushyMuncher (3) Bitch! Le UWotM8? Brony (2) Pizza Muncher Tom Black We Are Legion Doge Sythe Prizebox
    Grave

    Grave #1 preferred sexual partner of Ciara "5/5" -New York Times
    Grave Donor

    The Problem With Hackings - And The Solution

    The problem is, if people readily trade without private messages, a fake sphere of trust is created for buyers. For example, if someone purchases billions of gold from me, and I never require a private message, he might not ask for a private message every time we trade. Therefore, if I get hacked, he may proceed to trade with the hacker.

    I understand the issue behind the hackings, but we need to find a better solution than not finding the person hacked liable for trades above a certain amount.


    Maybe have people meet certain guidelines to be covered under this new policy? For example, you must require private messages to complete any trades above X amount, display that you require private messages in your signature, and so on. If we create a certain standard that has to be met by sellers, we can offer them additional protection. This is much more fair and protects both buyers and sellers.
     
  7. Unread Apr 24, 2012 at 3:28 AM
  8. Joined:
    Sep 19, 2009
    Posts:
    8,397
    Referrals:
    0
    Occupation:
    Student / Retail Manager
    Location:
    Australia
    Two Factor Authentication User Sythe Awards 2012 Winner Community Development Team Member Christmas 2015 Valentine's Day 2016 Easter 2016 MushyMuncher Sythe Prizebox
    Brendan

    Brendan Your friendly neighbourhood cuck
    $50 USD Donor Support Center Moderators Our Community Moderators Market Moderators

    The Problem With Hackings - And The Solution

    Is this really happening? Is their any proof to back this?

    Regardless, I do agree with your suggestion to an extent. There have been suggestions in the past which have asked the staff to require PM's for trades, but they've never gone through because the staff don't really want to babysit these situations and seem like they're, I dunno, being too strict.

    Your suggestion does remove those two factors, because these hacking incidents don't occur very often, and it makes sense to get a Private Message for a trade, especially of that caliber.

    The only downside I can see, is if a Gold Seller is corrupt and has a legitimate buyer come forward ready to purchase an amount of gold which puts them under these guidelines, and the seller scams, doesn't that mean if they claim they were hacked, nothing can happen?
     
  9. Unread Apr 24, 2012 at 3:32 AM
  10. Joined:
    Dec 22, 2007
    Posts:
    12,203
    Referrals:
    0
    Location:
    Only in your mind
    Poker Chip Detective Dolan Trump Dolan Duck Why can't I hold all of these feels? Pizza Muncher Valentine's Day 2015 Sythe's 10th Anniversary Halloween 2015 Community Development Team Member
    Two Factor Authentication User Easter 2016
    video

    video Many retards on skype pretend to be me, ALWAYS REQUEST A PM!
    video Donor Competition Winner Retired Global Moderator Pirate

    The Problem With Hackings - And The Solution

    When my msn was hacked, my hacker used it exclusively to stage trades with his friends and himself. I had 5 reports of 10b in scams, thankfully mods saw through them and I didn't pay him a penny. I'd be willing to bet that no one has actually gotten away with a fake scam for any really large amount of money, there are a lot of ways to determine of proofs are fake or not, if trades are staged, etc.

    Capping the limit on liability is also really unfair to people who are scammed for a large amount (see 6.2B from recent arcus assistant msn hacking) and only get somewhat compensated. If people used @hush emails this wouldn't be an issue anyway
     
  11. Unread Apr 24, 2012 at 4:47 AM
  12. Joined:
    May 11, 2009
    Posts:
    2,526
    Referrals:
    0
    Wolfdog

    Wolfdog Untired, we stand. Exhausted, we fall.
    Banned

    The Problem With Hackings - And The Solution

    This is a problem, but I don't think your proposed solution is the answer. One reason, while I'm sure the number was one you just threw out there, is that a lot of people never buy more than 1-2b at a time (which is less than $1000.00) rendering the price limit worthless.


    Ill think about it some more, add some stuff tomorrow.
     
  13. Unread Apr 24, 2012 at 10:49 AM
  14. Joined:
    Nov 1, 2008
    Posts:
    13,641
    Referrals:
    0
    Location:
    Smokin Loud
    djweasel

    djweasel Notorious Sythe Drunkard
    Banned

    The Problem With Hackings - And The Solution

    This happened to me a few years ago Brandon and harped faked a trade. I always thought that it's crazy and that's why I require a pm.
     
  15. Unread Apr 24, 2012 at 12:17 PM
  16. Joined:
    Jan 21, 2007
    Posts:
    13,437
    Referrals:
    0
    Two Factor Authentication User
    SuF

    SuF Legend

    The Problem With Hackings - And The Solution

    Nate has essentially the same suggest awhile ago. And oh, its per trade. The scam artists would just scam $900 each time and have to get paid back.
     
  17. Unread Apr 24, 2012 at 12:32 PM
  18. Joined:
    Aug 1, 2010
    Posts:
    8,257
    Referrals:
    0
    Location:
    Alaska
    KerokeroCola

    KerokeroCola Hero
    Retired Global Moderator KerokeroCola Donor Trade With Caution

    The Problem With Hackings - And The Solution

    I like R2P's idea, but I don't think it covers the inherent problem. There is far too much wrong with MSN. Since I left the SL, I don't know how progress is on the new VB update, but maybe it can include a site-wide IM system that should hopefully rule all but actual scammers from causing damage? The simple fact is that, with MSN or Skype or any third party system, we are basically letting that company's security dictate the security of our own trades. (For that matter, I don't think switching to Skype all-out would help much. Yes, there are less Skype hacks, but that's just because there are less Skype accounts and less incentive to attack Skype's security measures. If we do a full-fledged shift, the hackers will merely try new methods on Skype instead.)
     
  19. Unread Apr 24, 2012 at 12:39 PM
  20. Joined:
    Jun 11, 2010
    Posts:
    7,032
    Referrals:
    0
    Two Factor Authentication User Sythe's 10th Anniversary Heidy
    Emperor Nero

    Emperor Nero Hero
    $5 USD Donor New

    The Problem With Hackings - And The Solution

    Kero has a very valid point here. No matter what we do as long as there isn't a built in IM system for sythe we will always be at the mercy of a 3rd party system. A built in IM system could clear up a lot of these problems. You could only support refunds for trades that were logged in Sythe's IM system. It would make proof gathering somewhat easier, also. There will always be hackers trying to figure out exploits for whatever is mot profitable.
     
  21. Unread Apr 24, 2012 at 2:40 PM
  22. Joined:
    Dec 22, 2007
    Posts:
    12,203
    Referrals:
    0
    Location:
    Only in your mind
    Poker Chip Detective Dolan Trump Dolan Duck Why can't I hold all of these feels? Pizza Muncher Valentine's Day 2015 Sythe's 10th Anniversary Halloween 2015 Community Development Team Member
    Two Factor Authentication User Easter 2016
    video

    video Many retards on skype pretend to be me, ALWAYS REQUEST A PM!
    video Donor Competition Winner Retired Global Moderator Pirate

    The Problem With Hackings - And The Solution

    Let's take a look at which emails were hacked and which ones weren't:

    Hacked:

    HJQ, hotmail
    Kevin001, hotmail
    Arcus Isidar assistant, hotmail
    pockets, live
    benda, live
    kmjt, live
    just_un_dude, hotmail

    Not hacked:

    Viou, hush
    Arcus, hush
    Video, hush
    n4n0, hush
    punkerpunk, hush

    Do you think this is just coincidence? Hotmail/live is significantly much less secure than hush. If you go around spreading this misinformation, you're gonna get people who register for hotmail instead of hush because they think it's just as secure. It's not, what you're doing is extremely counter-productive and I recommend you edit/delete your post
     
  23. Unread Apr 24, 2012 at 2:49 PM
  24. Joined:
    May 11, 2009
    Posts:
    2,526
    Referrals:
    0
    Wolfdog

    Wolfdog Untired, we stand. Exhausted, we fall.
    Banned

    The Problem With Hackings - And The Solution

    Truth is, you should be using hush. Whether or not you have to have the .live passport connected, as long as you have the @hush its unlikely that anyone will be able gain access to it.
     
  25. Unread Apr 24, 2012 at 3:30 PM
  26. Joined:
    Apr 19, 2012
    Posts:
    66
    Referrals:
    0
    Location:
    Pig Farts
    688

    688 Member
    Banned

    The Problem With Hackings - And The Solution

    truth is, if u trade with someone only via msn, u got banned on sythe or ur a retard, seeing ppl get scammed by imposters makes me laugh, if u dont take percautiosn in a trade, ur a dumb ass and deserve to be banned. half ppl on here dont understand that, then expect the mods and the scammer to repay them? lol...
     
  27. Unread Apr 24, 2012 at 3:32 PM
  28. Joined:
    Aug 14, 2011
    Posts:
    1,522
    Referrals:
    0
    Location:
    The Netherlands
    Potamus
    RuneScapeJJ

    RuneScapeJJ Guru
    $25 USD Donor New

    The Problem With Hackings - And The Solution

    After thinking of some positive and negative sides of this new rule I believe that this rule should indeed be implement. However, some people just trust people straight away when they see someone has 1000+ Vouches and traded over 100B. Some people just don't PM because they trust somebody straight away, and they could be a victim of this new rule.

    However, most of the times the big traders will be the victim because of people potentially staging trades - which results in the big traders paying them the "lost" money.

    Overall I support this idea. But, it should be "advertised" over the forum to avoid some people potentially losing money because they didn't send a PM when the trade was actually legitimate.
     
  29. Unread Apr 24, 2012 at 4:11 PM
  30. Joined:
    Aug 1, 2010
    Posts:
    8,257
    Referrals:
    0
    Location:
    Alaska
    KerokeroCola

    KerokeroCola Hero
    Retired Global Moderator KerokeroCola Donor Trade With Caution

    The Problem With Hackings - And The Solution

    Very well, your rather indignant majesty.

    For the record, @hush.com have been hacked in the past by abusing the passport side of the account. I'm obviously not familiar with this particular abuse of Windows Live, but what I said was grounded on thousands of hours of experience with Sythe. Hacking methods change, and apparently the newest one somehow didn't work for Hush, which is fortunate indeed.
     
  31. Unread Apr 24, 2012 at 4:31 PM
  32. Joined:
    Oct 30, 2011
    Posts:
    202
    Referrals:
    0
    nukeham

    nukeham Active Member
    Banned

    The Problem With Hackings - And The Solution

    here im going to tell you guys straight up, every email account can be hacked, there is no method, the reason most people dont do it here is cause they move on to bigger things with there own site charging people money to get a email they want. I got this from my boi, since he does this in russia trust
     
  33. Unread Apr 25, 2012 at 12:46 PM
  34. Joined:
    Mar 31, 2012
    Posts:
    1,107
    Referrals:
    0
    darkorb223

    darkorb223 Guru
    Banned

    The Problem With Hackings - And The Solution

    yeah i think if you're working with that much money you would ask for a pm and be very careful. $500 is a lot to me let alone $1000 or 10B. better safe than sorry.
     
  35. Unread Apr 25, 2012 at 3:10 PM
  36. Joined:
    May 14, 2011
    Posts:
    1,294
    Referrals:
    0
    freakyhair

    freakyhair Guru
    $50 USD Donor New

    The Problem With Hackings - And The Solution

    What kero said is true. It's the whole passport for Msn that's hacked. The reason I think none of those people using hush got hacked is because people like you think that Hush is just as secure as hotmail, and thus they target the hotmail accounts because they know that they are insecure.

    OT: To be honest, I think if people's msn's are hacked, and people scam, then the persons whos msn is hacked should NOT have to repay the person back. This is because 3rd party software such as MSN has nothing to do with Sythe, it's only a means of communication. People should always ask for a PM, and those who don't should learn from this situation.
    I do agree then that there should be a cap. From this it would protect the big bulk buyers, and also it would make it much easier to see whether scam reports are legit.
     
  37. Unread Apr 25, 2012 at 3:41 PM
  38. Joined:
    Aug 7, 2011
    Posts:
    406
    Referrals:
    0
    Location:
    Texas
    Elite Cbr

    Elite Cbr The Big Cheese
    Banned

    The Problem With Hackings - And The Solution

    R2p, this would work for you.

    If someone is very concerned about validating your identity, then chat with them on your live chat on your gold website.
     
  39. Unread Apr 25, 2012 at 4:22 PM
  40. Joined:
    Dec 3, 2009
    Posts:
    26,987
    Referrals:
    0
    Location:
    Module 7
    Dragon Ball Poker Chip Penguin Sythe's 10th Anniversary Spyro Detective (3) Sythe Awards 2013 Winner
    Pizza Muncher Top Striker
    FireZ

    FireZ BRZ Club Member (2014)
    FireZ Donor Global Moderator Retired Administrator Crabby

    The Problem With Hackings - And The Solution

    No caps will be made as this doesn't solve anything in the end.
     
< Guide to unlimited name changes is a FREE KNOWN method warning! | A minor problem >

Users viewing this thread
1 guest
Thread Status:
Not open for further replies.