|
Can't get a word in in the official IRC channel because there's a guy from a competing host or something trying to stir up poo poo. Despite that, Linode people are nowhere to be seen, unfortunately so no official line from them yet. If you're planning on joining the IRC, make sure to add 'Woet' to your ignore since he is just there to get people to switch providers.
|
# ? Apr 15, 2013 21:56 |
|
|
# ? May 18, 2024 00:43 |
|
DNova posted:I'm not going to read 30 pages of IRC logs; any chance of a summary? Someone linked this, http://turtle.dereferenc ed.org/~nenolod/linode/linode-abridged.txt
|
# ? Apr 15, 2013 23:22 |
|
Okay so a guy came into IRC and said this. I'm the Tea guy he's referring to. 00:03 < HTP> Tea: Your linode account name is mugoftea 00:03 < HTP> your email is joe@warhaggis.com 00:04 < HTP> the last 4 digits of your customer credit cards are 00:04 < HTP> 2125, 1111, 1883, 1111, and 2125 respectively I. Uh...
|
# ? Apr 16, 2013 00:16 |
|
Comatoast posted:The interesting bits start at 5:03 this morning. OP has been edited to avoid Linode.
|
# ? Apr 16, 2013 00:38 |
|
Well, poo poo. Even though I don't use Linode right now, my account is still active and has my credit card number. I guess that settles whether I'm getting a new VPS from them soon.
|
# ? Apr 16, 2013 00:39 |
|
Nobody Interesting posted:Okay so a guy came into IRC and said this. I'm the Tea guy he's referring to. To be fair, if Linode was doing everything right (and obviously they weren't) the last four digits are actually all they'd be able to see. Still far more than they should have access to, but the full numbers had drat well better be encrypted or Visa/MC/Amex are going to tear them a new one.
|
# ? Apr 16, 2013 00:45 |
|
What's surprising to me is that Linode actually played along with the hackers. I don't know what 'deal' they arranged but they must have known poo poo was going to hit the fan eventually. Better just to come clean, say the hackers attempted blackmail and they won't stand for that, have contacted the authorities and are doing what they can.
|
# ? Apr 16, 2013 00:51 |
|
IOwnCalculus posted:To be fair, if Linode was doing everything right (and obviously they weren't) the last four digits are actually all they'd be able to see. Still far more than they should have access to, but the full numbers had drat well better be encrypted or Visa/MC/Amex are going to tear them a new one. They were likely encrypted but, if the chat log is to be believed, encryption keys were available. http://turtle.dereferenced.org/~nenolod/linode/linode-abridged.txt posted:> 05:42 < ryan||> credit cards were encrypted, sadly both the private and public keys were stored on the webserver so that provides 0 additional security
|
# ? Apr 16, 2013 00:52 |
|
So should I be changing my credit card number now or what? e: Really wished they had just taken PayPal or something to begin with.
|
# ? Apr 16, 2013 00:52 |
|
KNITS MY FEEDS posted:So should I be changing my credit card number now or what? Yep, though it's quite likely your CC company will be doing it for you pre-emptively since the last thing they want to be is liable for purchases someone makes with your stolen CC #. If they really were able to get raw CC numbers out of the database... I wonder how much of Linode will even be left when this all settles out.
|
# ? Apr 16, 2013 00:56 |
|
KNITS MY FEEDS posted:So should I be changing my credit card number now or what? Better safe than sorry. I just called to do it.
|
# ? Apr 16, 2013 01:12 |
|
Ok, just had my card cancelled and the number changed. I guess I'll wait and see if they really got hacked.
|
# ? Apr 16, 2013 01:17 |
|
Anaxite posted:They were likely encrypted but, if the chat log is to be believed, encryption keys were available. It's just like what happened to WHMCS, they use reversible encryption and the key is stored in plain text in the configuration.php file. I've had to cancel one card due to the WHMCS breach, I'm not ashamed to admit I have a Linode account, but I'm pissed I have to cancel another card. I can't believe they aren't PCI DSS compliant, poo poo, even Lithium doesn't store card information...
|
# ? Apr 16, 2013 01:19 |
|
Good thing I signed up only five days ago and I can ditch them with no penalty. Only I have to keep my CC number the same until reimbursed. Speaking of which, I've looked through the other VPS hosts in the OP and there aren't many options similar to Linode. Does anyone have any recommendations? I was on the $20/month 1GB plan. Modern Pragmatist fucked around with this message at 02:05 on Apr 16, 2013 |
# ? Apr 16, 2013 01:23 |
|
Modern Pragmatist posted:Speaking of which, I've looked through the other VPS hosts in the OP and there aren't many options similar to Linode. Does anyone have any recommendations? I was on the $20/month 1GB plan. God this is my problem right now. Linode is amazing. I can actually forgive them of this data breach but at the same time I kind of want to switch to another provider. But you find me a cheap, UK based VPS with the same specs. Seriously. Find me one because I sure as hell can't.
|
# ? Apr 16, 2013 02:14 |
|
Nobody Interesting posted:God this is my problem right now. Linode is amazing. I can actually forgive them of this data breach but at the same time I kind of want to switch to another provider. Do you absolutely need it to be in the UK? If it just needs to be in Europe, Prometeus is based out of Italy and featured on LowEndBox as a decent provider (though they have some higher-end plans). Anaxite fucked around with this message at 02:23 on Apr 16, 2013 |
# ? Apr 16, 2013 02:20 |
|
Anaxite posted:Do you absolutely need it to be in the UK? If it just needs to be in Europe, Prometeus is based out of Italy and featured on LowEndBox as a decent provider (though they have some higher-end plans). Preferably, for the lower latency, it's best if it's in the UK. I wonder if the latency to an Italian server would have a noticeable difference over my London one... I'll keep a note of those guys, though. Thanks for that.
|
# ? Apr 16, 2013 02:26 |
|
Nobody Interesting posted:Preferably, for the lower latency, it's best if it's in the UK. I wonder if the latency to an Italian server would have a noticeable difference over my London one... I'll keep a note of those guys, though. Thanks for that. I got this info for them; hopefully it'll be of use. Test IPv4: 194.14.179.254 Test IPv6: 2a00:dcc0:eda:89::254:1 Test File: http://mirrors.prometeus.net/test/test100.bin AS Number: http://bgp.he.net/AS34971
|
# ? Apr 16, 2013 02:35 |
|
Anaxite posted:I got this info for them; hopefully it'll be of use. Oh cool, thanks. The test file maxed out my connection which was great and pinging the IP gave me a response which was only 20-30ms higher than pinging my Linode. That will probably not be noticeable at all. If I have to switch, based on the info I have now I think they might be my first port of call. Thanks a lot for that.
|
# ? Apr 16, 2013 02:40 |
|
You're welcome. I'm sure there are plenty of other options out there so I hope you find what you need!
|
# ? Apr 16, 2013 02:51 |
|
Welp, glad I've been too to bother signing up with Linode.
|
# ? Apr 16, 2013 03:36 |
|
Maybe I missed it, but is there any actual proof of this besides a few random dudes chatting on IRC?
|
# ? Apr 16, 2013 05:55 |
|
Fangs404 posted:Maybe I missed it, but is there any actual proof of this besides a few random dudes chatting on IRC? Just a few posts up. Nobody Interesting posted:Okay so a guy came into IRC and said this. I'm the Tea guy he's referring to.
|
# ? Apr 16, 2013 06:52 |
|
.
ichorclaw fucked around with this message at 18:01 on Apr 29, 2013 |
# ? Apr 16, 2013 10:54 |
|
Still keeping an eye on the Linode IRC. HTP just woke up and he's getting ready for school. He has said that he's shredded all the customer data (ie, with 'shred') and that his little hacker club is releasing all the other information on May 1st. If you want to spectate, join now because I think he'll be gone when his mum's finished making his breakfast. Edit: School time I guess. His parting words: 13:04 < HTP> well i think that covers everything. if anyone comes in later screaming, inform them we don't have their information nor do we care 13:04 < HTP> good luck #linode 13:05 -!- HTP [~ching@199.168.139.19] has quit [Quit: 5/1] Nobody Interesting fucked around with this message at 13:07 on Apr 16, 2013 |
# ? Apr 16, 2013 13:02 |
|
They updated their blog at 2:55am http://blog.linode.com/2013/04/16/security-incident-update/ quote:Yesterday, a group named HTP claimed responsibility for accessing Linode Manager web servers, we believe by exploiting a previously unknown zero-day vulnerability in Adobe’s ColdFusion application server. The vulnerabilities have only recently been addressed in Adobe’s APSB13-10 hotfix (CVE-2013-1387 and CVE-2013-1388) which was released less than a week ago.
|
# ? Apr 16, 2013 13:24 |
|
If this is to be believed, is your latest edit in the OP still accurate?
|
# ? Apr 16, 2013 13:30 |
|
eightysixed posted:If this is to be believed, is your latest edit in the OP still accurate? I'll still wait a while before recommending them again.
|
# ? Apr 16, 2013 13:38 |
|
I switched to Linode from Digital Ocean like a month ago. gently caress. I used my debt card too.
|
# ? Apr 16, 2013 13:41 |
|
NOTinuyasha posted:I switched to Linode from Digital Ocean like a month ago. gently caress. I used my debt card too. Only a handful of people have reported un-authorized charges on the cards they use for Linode - chances are they use that card in 50 other places as well. I think if 'the hackers' had the credit card list and the decryption key they would have posted it by now, right? Or would they pretend they don't have it giving the false illusion to those cardholders that they're safe? It sucks that it happened to Linode, because they had a great product with great support, and just basically doubled the specs on their servers.
|
# ? Apr 16, 2013 13:59 |
|
NOTinuyasha posted:I switched to Linode from Digital Ocean like a month ago. gently caress. I used my debt card too. Like I said, HTP claims to have deleted all the credit card info they stole. They also claimed to never use credit card info that they steal from anywhere.
|
# ? Apr 16, 2013 14:20 |
|
Time for me to order a new card from Chase. Also, if Linode really tried to make a deal with the hackers, than .
|
# ? Apr 16, 2013 14:29 |
|
We still have no proof that they even obtained full credit card numbers. They've only posted the final 4 digits as 'proof' which Linode stored as cleartext for purposes of account management.
|
# ? Apr 16, 2013 16:35 |
|
You're right, we don't, but I think that's part of the problem. We know someone got a hold of Linode customer information, but we don't necessarily know to what extent. It's a bit of a he-said-they-said situation. Even if full credit card numbers weren't leaked, it's safer to just change them on principle (and because the last 4 digits are used as verification in enough places).
|
# ? Apr 16, 2013 17:15 |
|
So if you think the hackers are dishonest, you might be on to something, but consider what Linode posted four days ago:quote:Linode administrators have discovered and blocked suspicious activity on the Linode network. This activity appears to have been a coordinated attempt to access the account of one of our customers. This customer is aware of this activity and we have determined its extent and impact. We have found no evidence that any Linode data of any other customer was accessed. In addition, we have found no evidence that payment information of any customer was accessed. The Hacker News thread on this has a ton of other damning information and chat logs if you want to read into all the gory details.
|
# ? Apr 16, 2013 18:30 |
|
ichorclaw posted:Looks like a HostGator employee, "ERIC GUNNAR GISSE" rooted every one of the shared servers last year and was just arrested on it. Seemed like no big deal until I got to the part where HostGator admits to taking screenshots of employee workstations every minute. Holy hell.
|
# ? Apr 16, 2013 22:33 |
|
Fangs404 posted:I'll play too. I've got a recently upgraded Linode 1024. It's located in Dallas. I got upgraded to the E5-2670 today. All it took was a ticket, and within 15 mins, I was migrated to the new hardware. Here are my new results: code:
|
# ? Apr 17, 2013 00:47 |
|
Btw for those of you leaving linode and want something on a comparable price point: try out vr.org, they have a ton of locations and native ipv6 by default and have been amazing to me.
|
# ? Apr 17, 2013 02:50 |
|
Jumping ship from Linode to RAMNODE
|
# ? Apr 17, 2013 03:01 |
|
|
# ? May 18, 2024 00:43 |
|
NOTinuyasha posted:
I'm gonna admit defeat and ask for a link to this thread because I'm an idiot and can't find it. (I guess I could never be a hacker )
|
# ? Apr 17, 2013 10:33 |