Login to ZARP
Username: Password: Remember me
  • Page:
  • 1
  • 2

TOPIC: So er virgin media peps read.

So er virgin media peps read. 5 years 3 months ago #1155322

GreenZapperZ wrote:
MartinGaming wrote:
GreenZapperZ wrote:
MartinGaming wrote:

Sadly isn't the only case of something like this happening lol
How the fuck can companies of this size fuck up this badly in security?

People trust big companies way to much... they are "too big to fail". You should always make sure that a company stores your data correctly. Ask questions and do your research, because some companies clearly don't do that on their own...

The only good thing about "incidents" like this is that they force the affected companies to improve their security measures before something serious happens...
But by then you might be fucked if you're stupid enough to use the same 6 letter 2 number password for every website ever
IMO that would also be your fault... if you value your data and want to secure it, you've got to follow security best practices aswell. At least use different passwords on each site and ffs please don't use short passwords or passwords that are easily found in the dictionary. In optimal conditions an attacker would have to spend around 12 hours at max to crack your password (eight characters). And if for some unknown reason you need / want to use the same passwords on multiple sites... PLEASE don't be so stupid and use the password for your email account somewhere else...

Not saying that the company did everything right... but if your whole internet presence gets compromised because you use the same password on every account, you've got to take some blame aswell...
  • Martin
  • Martin's Avatar
  • Offline
  • Community Owner
  • ZARP VIP Golden Blue Badge
  • Square Pizza is the BEST!
  • Posts: 2293
  • Thanks received: 1890
  • Karma: 204
Last Edit: 5 years 3 months ago by Martin.
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155323

I don't think postman pat will be reading any of my mail for whatever reason
  • Lewis_is_java
  • Lewis_is_java's Avatar
  • Offline
  • Adept Boarder
  • ZARP VIP
  • Λεωνίδᾱς
  • Posts: 7205
  • Thanks received: 4709
  • Karma: -65
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155324

Lewis_is_java wrote:
I don't think postman pat will be reading any of my mail for whatever reason

HE CAN'T JUST READ YOUR MAIL! THAT WOULD BE ILLEGAL :ohmy:
  • Martin
  • Martin's Avatar
  • Offline
  • Community Owner
  • ZARP VIP Golden Blue Badge
  • Square Pizza is the BEST!
  • Posts: 2293
  • Thanks received: 1890
  • Karma: 204
Last Edit: 5 years 3 months ago by Martin.
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155326

Big yikes for vm
  • Micky
  • Micky's Avatar
  • Offline
  • Mythical Boarder
  • ZARP VIP
  • Posts: 5775
  • Thanks received: 7911
  • Karma: -42
Login or register to post a reply.
The following user(s) said Thank You: schnitzel nazi

So er virgin media peps read. 5 years 3 months ago #1155338

MartinGaming wrote:
GreenZapperZ wrote:
MartinGaming wrote:
GreenZapperZ wrote:
MartinGaming wrote:

Sadly isn't the only case of something like this happening lol
How the fuck can companies of this size fuck up this badly in security?

People trust big companies way to much... they are "too big to fail". You should always make sure that a company stores your data correctly. Ask questions and do your research, because some companies clearly don't do that on their own...

The only good thing about "incidents" like this is that they force the affected companies to improve their security measures before something serious happens...
But by then you might be fucked if you're stupid enough to use the same 6 letter 2 number password for every website ever
IMO that would also be your fault... if you value your data and want to secure it, you've got to follow security best practices aswell. At least use different passwords on each site and ffs please don't use short passwords or passwords that are easily found in the dictionary. In optimal conditions an attacker would have to spend around 12 hours at max to crack your password (eight characters). And if for some unknown reason you need / want to use the same passwords on multiple sites... PLEASE don't be so stupid and use the password for your email account somewhere else...

Not saying that the company did everything right... but if your whole internet presence gets compromised because you use the same password on every account, you've got to take some blame aswell...

If the big corps cannot be bothered to keep my data safe why in the world should everyone else have too. Just to remind you that is why that is illegal to have passwords in plain text: Page 11
  • DEADMONSTOR
  • DEADMONSTOR's Avatar
  • Offline
  • Former Owner
  • ZARP VIP
  • Posts: 9277
  • Thanks received: 3799
  • Karma: 80
...
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155340

It is dumb for virgin media to not hash the passwords, however them mailing the password by mail is a completely normal procedure;Banks literally mail your debit or credit card.


I am not going to go digging into country specific and international law to see whether the act of not hashing passwords is legal or not, however I think it is idiotic to think if it truly was illegal, their legal team just missed it or glanced over it.

As for Deadmonstor, what you linked literally doesn't say what you think it says, the link that you give is a "password guidance approach", it is not an actual law there are no statues for the so called law, there is no penal code, there is no paragraph number, you are simply miss interpreting their "SHOULD".
I SHOULD WIPE MY ASS AFTER TAKING A SHIT BUT I AM NOT PUNISHABLE BY LAW IF I DONT ;)

On the topic of hashing, most php based databases use md5 hash anyways which takes mere seconds to crack.
I also love that some people are acting like this little thing is actually going to tank virgin media, if their company would be public we wouldn't even see their stock decline by pennies under a magnifier.
  • qdqdqdqd
  • qdqdqdqd's Avatar
  • Offline
  • Senior Boarder
  • ZARP VIP
  • Nade,Vitx,Aspect Simon&Hermoine,Plankton
  • Posts: 574
  • Thanks received: 148
  • Karma: -6
Ex-MC Owner and developer
Old, old Ex-SSRP staff
Ex-TS staff
Hermoine <3
Login or register to post a reply.
The following user(s) said Thank You: Lewis_is_java

So er virgin media peps read. 5 years 3 months ago #1155341

FluffyOP wrote:
It is dumb for virgin media to not hash the passwords, however them mailing the password by mail is a completely normal procedure;Banks literally mail your debit or credit card.

Remind me on the other ways to get a physical bank card to a new customer, I know there’s many other, more sensible, solutions for resetting passwords but I’m intrigued by your comment
  • .uzi
  • .uzi's Avatar
  • Offline
  • Former Community Manager
  • ZARP VIP Golden Blue Badge
  • Foos yer doos?
  • Posts: 6007
  • Thanks received: 2443
  • Karma: 123
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155342

.uzi wrote:
FluffyOP wrote:
It is dumb for virgin media to not hash the passwords, however them mailing the password by mail is a completely normal procedure;Banks literally mail your debit or credit card.

Remind me on the other ways to get a physical bank card to a new customer, I know there’s many other, more sensible, solutions for resetting passwords but I’m intrigued by your comment
Literally everyone in this thread were making jokes about how unsecure sending someones password through the mail is I wasn't making a claim about it's efficacy rather then the asinine security argument.
  • qdqdqdqd
  • qdqdqdqd's Avatar
  • Offline
  • Senior Boarder
  • ZARP VIP
  • Nade,Vitx,Aspect Simon&Hermoine,Plankton
  • Posts: 574
  • Thanks received: 148
  • Karma: -6
Ex-MC Owner and developer
Old, old Ex-SSRP staff
Ex-TS staff
Hermoine <3
Login or register to post a reply.
The following user(s) said Thank You: luke_

So er virgin media peps read. 5 years 3 months ago #1155343

FluffyOP wrote:
As for Deadmonstor, what you linked literally doesn't say what you think it says, the link that you give is a "password guidance approach", it is not an actual law there are no statues for the so called law, there is no penal code, there is no paragraph number, you are simply miss interpreting their "SHOULD".
I SHOULD WIPE MY ASS AFTER TAKING A SHIT BUT I AM NOT PUNISHABLE BY LAW IF I DONT ;)


It's literally illegal to keep it plain text if there ever was a breach into their database they would have to pay a LOT in damages to the customers that were affected
Although the GDPR does not say anything specific about passwords, you are required to process personal data securely by means of appropriate technical and organizational measures.

There are a number of considerations you will need to take account of when designing your password system, such as the use of an appropriate hashing algorithm to store your passwords, protecting the means by which users enter their passwords, defending against common attacks and the use of two-factor authentication.
  • DEADMONSTOR
  • DEADMONSTOR's Avatar
  • Offline
  • Former Owner
  • ZARP VIP
  • Posts: 9277
  • Thanks received: 3799
  • Karma: 80
...
Last Edit: 5 years 3 months ago by DEADMONSTOR.
Login or register to post a reply.
The following user(s) said Thank You: .uzi

So er virgin media peps read. 5 years 3 months ago #1155345

FluffyOP wrote:
.uzi wrote:
FluffyOP wrote:
It is dumb for virgin media to not hash the passwords, however them mailing the password by mail is a completely normal procedure;Banks literally mail your debit or credit card.

Remind me on the other ways to get a physical bank card to a new customer, I know there’s many other, more sensible, solutions for resetting passwords but I’m intrigued by your comment
Literally everyone in this thread were making jokes about how unsecure sending someones password through the mail is I wasn't making a claim about it's efficacy rather then the asinine security argument.

We are in a time where technology is so advanced there is absolutely no way sending people’s passwords via post should be considered “normal”.

There is no comparison to sending bank cards to customers either considering they are fundamentally different; one is a physical object (that obviously has associated digital data), the other is just data

Companies exist nowadays that were built on the very principle that their end user’s data absolutely should be safe, hell, some fork out for “military grade” security (in quotes because there’s a chance it’s just a buzz phrase now). It is an absolute joke
  • .uzi
  • .uzi's Avatar
  • Offline
  • Former Community Manager
  • ZARP VIP Golden Blue Badge
  • Foos yer doos?
  • Posts: 6007
  • Thanks received: 2443
  • Karma: 123
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155346

What you posted now, is what you should have posted the first time, but once again this is just another legal grey area they are sitting under, even the mere fact that they don't specifically mention passwords and hashing or don't define what counts as securely could win the case for them.
  • qdqdqdqd
  • qdqdqdqd's Avatar
  • Offline
  • Senior Boarder
  • ZARP VIP
  • Nade,Vitx,Aspect Simon&Hermoine,Plankton
  • Posts: 574
  • Thanks received: 148
  • Karma: -6
Ex-MC Owner and developer
Old, old Ex-SSRP staff
Ex-TS staff
Hermoine <3
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155347

.uzi wrote:
FluffyOP wrote:
.uzi wrote:
FluffyOP wrote:
It is dumb for virgin media to not hash the passwords, however them mailing the password by mail is a completely normal procedure;Banks literally mail your debit or credit card.

Remind me on the other ways to get a physical bank card to a new customer, I know there’s many other, more sensible, solutions for resetting passwords but I’m intrigued by your comment
Literally everyone in this thread were making jokes about how unsecure sending someones password through the mail is I wasn't making a claim about it's efficacy rather then the asinine security argument.

We are in a time where technology is so advanced there is absolutely no way sending people’s passwords via post should be considered “normal”.

There is no comparison to sending bank cards to customers either considering they are fundamentally different; one is a physical object (that obviously has associated digital data), the other is just data

Companies exist nowadays that were built on the very principle that their end user’s data absolutely should be safe, hell, some fork out for “military grade” security (in quotes because there’s a chance it’s just a buzz phrase now). It is an absolute joke
Who are you even talking to? I don't disagree with any of this?
Did you even see my reply?
  • qdqdqdqd
  • qdqdqdqd's Avatar
  • Offline
  • Senior Boarder
  • ZARP VIP
  • Nade,Vitx,Aspect Simon&Hermoine,Plankton
  • Posts: 574
  • Thanks received: 148
  • Karma: -6
Ex-MC Owner and developer
Old, old Ex-SSRP staff
Ex-TS staff
Hermoine <3
Login or register to post a reply.

So er virgin media peps read. 5 years 3 months ago #1155412

MartinGaming wrote:
GreenZapperZ wrote:
MartinGaming wrote:
GreenZapperZ wrote:
MartinGaming wrote:

Sadly isn't the only case of something like this happening lol
How the fuck can companies of this size fuck up this badly in security?

People trust big companies way to much... they are "too big to fail". You should always make sure that a company stores your data correctly. Ask questions and do your research, because some companies clearly don't do that on their own...

The only good thing about "incidents" like this is that they force the affected companies to improve their security measures before something serious happens...
But by then you might be fucked if you're stupid enough to use the same 6 letter 2 number password for every website ever
IMO that would also be your fault... if you value your data and want to secure it, you've got to follow security best practices aswell. At least use different passwords on each site and ffs please don't use short passwords or passwords that are easily found in the dictionary. In optimal conditions an attacker would have to spend around 12 hours at max to crack your password (eight characters). And if for some unknown reason you need / want to use the same passwords on multiple sites... PLEASE don't be so stupid and use the password for your email account somewhere else...

Not saying that the company did everything right... but if your whole internet presence gets compromised because you use the same password on every account, you've got to take some blame aswell...
Yeah, personally I use a password manager and have the LONG password to the manager on a piece of paper and I have 2FA everywhere I can.
I was just saying a lot of people are guilty of that sin.
  • CBT
  • CBT's Avatar
  • Offline
  • User is blocked
  • Posts: 686
  • Thanks received: 75
  • Karma: 12
-Calvin Johnson
Login or register to post a reply.
  • Page:
  • 1
  • 2
Time to create page: 0.124 seconds

128 PLAYERS ONLINE

Connect to server View Gametracker DarkRP 1
4/127
online
Connect to server View Gametracker Deathrun
0/40
online
Connect to server View Gametracker TTT
0/47
online
Connect to server View Gametracker Bhop
0/32
online
Connect to server View Gametracker Surf
0/32
online
Connect to server View Gametracker Prop Hunt
0/42
online
Connect to server View Gametracker Sandbox
0/42
online
Connect to server Discord
124/910
online
Top