|
anthonypants posted:That, or activate for themselves. No more likely than them putting in a trojan of their own regardless.
|
#
?
Feb 19, 2018 17:34
|
|
|
|
| # ? Jun 10, 2024 20:14 |
|
|
They transmitted the stolen passwords over http. https://www.fidusinfosec.com/fslabs-flight-simulation-labs-dropping-malware-to-combat-piracy/
|
|
#
?
Feb 19, 2018 18:16
|
|
|
Just caught up, jesus how is that remotely okay, how can any of those idiots defend it unless they have some kind of hosed up videogame stockholm syndrome 
|
|
#
?
Feb 19, 2018 18:19
|
|
|
Boris Galerkin posted:They transmitted the stolen passwords over http. quote:How secure is the data being stored? – The server running the log collection domain also has RDP open to the internet.. Same security team as Equifax.
|
|
#
?
Feb 19, 2018 18:20
|
|
|
CLAM DOWN posted:Just caught up, jesus how is that remotely okay, how can any of those idiots defend it unless they have some kind of hosed up videogame stockholm syndrome Boris Galerkin posted:The users on their forums are incredible. The amount of mental gymnastics they need to overcome is honestly amazing.
|
|
#
?
Feb 19, 2018 18:22
|
|
|
quote:My favorite one was a guy claiming he was in the cyber security field and (paraphrased): “I don’t see any technical issues here because it only steals your passwords if you’re a pirate. Ethical issues yes, but not technical. Everything is fine.” 
|
|
#
?
Feb 19, 2018 18:35
|
|
|
Everything is 
|
|
#
?
Feb 19, 2018 18:53
|
|
|
Ban computers imo we’ll all be better off
|
|
#
?
Feb 19, 2018 19:04
|
|
|
andrew smash posted:Ban computers imo we’ll all be better off Unironically agreed
|
|
#
?
Feb 19, 2018 19:06
|
|
|
That would actually be an interesting legal challenge. Pirate a copy in a state that says EULAs are as legally binding as a crayon contract on a beer stained bar napkin, pirate the poo poo out of the software, then sue them the second the passwords are uploaded for CFAA violations, what whatever state level computer crimes you can find.
|
|
#
?
Feb 19, 2018 19:06
|
|
|
Who cares about America, that company fslabs seems to be in the EU so there are much stricter laws over there
|
|
#
?
Feb 19, 2018 19:10
|
|
|
CLAM DOWN posted:Who cares about America, that company fslabs seems to be in the EU so there are much stricter laws over there The founder of the company lives in Athens, apparently
|
|
#
?
Feb 19, 2018 19:20
|
|
|
CLAM DOWN posted:Who cares about America, that company fslabs seems to be in the EU so there are much stricter laws over there Good point, the EU is gonna rip him a new rear end in a top hat as soon as the legal stuff gets started over there.
|
|
#
?
Feb 19, 2018 19:27
|
|
|
This discussion is pretty nice. https://twitter.com/taviso/status/965632516462821377   
|
|
#
?
Feb 19, 2018 20:17
|
|
|
Absurd Alhazred posted:This discussion is pretty nice.
|
|
#
?
Feb 19, 2018 21:03
|
|
|
Absurd Alhazred posted:This discussion is pretty nice. I'm surprised that Vess is not in this conversation.
|
|
#
?
Feb 19, 2018 23:53
|
|
|
Ars Technica picked up the FSLabs debacle
|
|
#
?
Feb 20, 2018 01:35
|
|
|
Absurd Alhazred posted:This discussion is pretty nice. I yearn for the day the AV industry dies in the fire it so deserves.
|
|
#
?
Feb 20, 2018 02:56
|
|
|
why are they stealing username/passwords even if the copy is Pirated? What does that have to do with piracy, other than maybe logging in as the pirates accounts at various places to try to learn exactly who they are, which is highly illegal? also lol that they send the passwords over HTTP.
|
|
#
?
Feb 20, 2018 07:50
|
|
|
Alpha Mayo posted:…other than maybe logging in as the pirates accounts at various places to try to learn exactly who they are, which is highly illegal? So stealing passwords isn’t already highly illegal?
|
|
#
?
Feb 20, 2018 08:13
|
|
|
It's double illegal, and it will land you in prison jail.
|
|
#
?
Feb 20, 2018 08:13
|
|
|
Cup Runneth Over posted:It's double illegal, and it will land you in prison jail. You know, the port’s gone crazy, and it ain’t safe on the strip.
|
|
#
?
Feb 20, 2018 08:27
|
|
|
 it was picked up on Ars, Motherboard/Vice, and Guru3D. I’m not sure about Guru3D but the other two have tons of readers. Do people still use Guru3D for GPU reviews?Anyway they posted another update to come clean about what they did. https://forums.flightsimlabs.com/index.php?/announcement/11-a320-x-drm-what-happened/ Honestly if they would have communicated that at the beginning they might not have pissed off so many people but they didn’t and they have. They’ve flat out admitted to using illegal means to obtain PII of alleged pirates, which they flat out said has helped them build a case against said alleged pirates or help them combat it. I hope they get hosed now that more “mainstream” media is picking this up. I imagine they knew how relatively small their community was and was just hoping for it to all blow over.
|
|
#
?
Feb 20, 2018 09:48
|
|
|
Unless you are the police and have an individual suspected of serious crime, collecting PII at that level is 100% indefensible. I hope they get sued out of existence and the law reams their asses so hard they'll need a donut pillow to sit on for the rest of their lives.
|
|
#
?
Feb 20, 2018 10:04
|
|
|
Who they think they are: Who they actually are: 
|
|
#
?
Feb 20, 2018 10:16
|
|
|
I can't believe a company actually put malware in their product 
|
|
#
?
Feb 20, 2018 10:43
|
|
|
Sefal posted:I can't believe a company actually put malware in their product Salon.com has put cryptominers in their homepage I'm not sure why you disbelieve
|
|
#
?
Feb 20, 2018 11:16
|
|
|
Sefal posted:I can't believe a company actually put malware in their product Let me introduce you to the Sony Rootkit Scandal https://en.m.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal
|
|
#
?
Feb 20, 2018 12:42
|
|
|
Holy poo poo.
|
|
#
?
Feb 20, 2018 12:50
|
|
|
I'm really glad this is blowing up in their face and I truly hope it hurts them in the long run.
|
|
#
?
Feb 20, 2018 15:29
|
|
|
Boris Galerkin posted:
"apologize that we offended you" 
|
|
#
?
Feb 20, 2018 15:35
|
|
|
Sefal posted:I can't believe a company actually put malware in their product Please tell me you're being sarcastic haha
|
|
#
?
Feb 20, 2018 17:58
|
|
|
CLAM DOWN posted:Please tell me you're being sarcastic haha I wish.
|
|
#
?
Feb 20, 2018 18:05
|
|
|
Sefal posted:I wish. Why are you surprised at this point? This wasn’t the first or even the biggest, just maybe the nerdiest.
|
|
#
?
Feb 20, 2018 19:37
|
|
|
I hadn't heard of companies selling software with malware hidden to consumers before. The sony rootkit was also something i hadn't heard of before, or forgot.
|
|
#
?
Feb 20, 2018 19:48
|
|
|
Sefal posted:I hadn't heard of companies selling software with malware hidden to consumers before. This isn't a dig at you but.... It blows my mind that someone could be on the nerd forums and specifically a thread about infosec and had not heard of this kind of poo poo.
|
|
#
?
Feb 20, 2018 20:35
|
|
|
This very post of mine has a bitcoin miner embedded in it, you're all hosed now
|
|
#
?
Feb 20, 2018 20:49
|
|
|
Maybe now you'll be able to afford the Canadian internet and wireless prices to post from home rather than Tim Horton's across the street.
|
|
#
?
Feb 20, 2018 21:10
|
|
|
ChubbyThePhat posted:Maybe now you'll be able to afford the Canadian internet and wireless prices to post from home rather than Tim Horton's across the street. poo poo, maybe he can upgrade to a bigger cardboard box, or a tarp or something given the housing market where he lives.
|
|
#
?
Feb 20, 2018 22:22
|
|
|
|
| # ? Jun 10, 2024 20:14 |
|
|
In totally unrelated news, thanks Bitcoin! https://blog.redlock.io/cryptojacking-tesla quote:A few months ago, the RedLock Cloud Security Intelligence (CSI) team found hundreds of Kubernetes administration consoles accessible over the internet without any password protection.
|
|
#
?
Feb 21, 2018 06:15
|
|