can we have a statement on risk to our computers?

[Major Miner II]

Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.

That wouldn't have helped anything.

While yes, its partially Stratics fault, its a blame that lie with people far in the past that aren't even here anymore and haven't been in a long time

Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.

That wouldn't have helped anything.

Take your agenda elsewhere.
While yes, its partially Stratics fault, its a blame that lie with people far in the past that aren't even here anymore and haven't been in a long time

Wait. Not turning off the boards during the attack yesterday was the fault of people who left a long time ago?

Seriously?

I've run enough vBulletin sites to know, it's one click.

rolleyes:

Take your agenda elsewhere, folks.

I'm open to suggestions.

Seems like simply informing LC as to the mechanics of vBulletin isn't against the RoC, and is rather on topic for this thread.

Please feel free to PM me a warning if I am wrong, and I'll take it up with George.

 

[Major Miner II]

Wait. Not turning off the boards during the attack yesterday was the fault of people who left a long time ago?

Seriously?

I've run enough vBulletin sites to know, it's one click.

rolleyes:

dude, browers have vulnerabilities.

if someone is successful at distributing a new version of a virus, there's not much that can be done.

http://www.mozilla.org/security/known-vulnerabilities/

Okay. What did my saying the boards could have easily been turned off do to merit your response?

 

[kelmo]

I'm open to suggestions.

Seems like simply informing LC as to the mechanics of vBulletin isn't against the RoC, and is rather on topic for this thread.

Please feel free to PM me a warning if I am wrong, and I'll take it up with George.

I suggest you send your imformative comments to Lord Chaos via PM. A statement was asked for and it was given.

 

[Major Miner II]

I'm open to suggestions.

Seems like simply informing LC as to the mechanics of vBulletin isn't against the RoC, and is rather on topic for this thread.

Please feel free to PM me a warning if I am wrong, and I'll take it up with George.

I suggest you send your imformative comments to Lord Chaos via PM. A statement was asked for and it was given.

His information was misleading. If you didn't want comments, you should have locked the thread.

 

[Kellogg]

For what it's worth, I've gotten phishing emails related to MMO's long before this incident on Stratics. I have no idea how many I have gotten because they go straight to my junk folder, but I know Stratics had nothing to do with them.

And if anyone got infected because they haven't kept Windows and IE up to date, well, I'm afraid you have to take some responsibility for that. There really isn't much of an excuse for not being up to date these days, and most of the threats that you see on the internet exploit vulnerabilities that have been fixed long ago. My guess is that is the case with these as well.

And if you are still running Windows 9x/Me, well I'm afraid it is long past time when those operating systems should have been ditched. Windows 7 will run on pretty old machines, and if money is an issue, Linux is a good option, and both the classic and the enhanced clients will run on Linux with WINE, including UOA.

Yes, everyone is responsible for maintaining security on their own computer.

No, this post is not acceptable.
http://vboards.stratics.com/showthread.php?t=211041

Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.

This.

When I say 'no staff member got an infection' that is the absolute truth.

There are thousands of computer configurations. A couple Stratics staff not being affected means nothing. People are posting they were infected from the Stratics attack. The announcements that Stratics did not distribute any malware is ridiculous. It is even worse to place the blame on people affected for not being able to block it.

And this.

Seeing people's concerns being dismissed so easily is disconcerting, at best. And seeing those people blamed for their infections is even more so.

Proper accountability would be a nice thing to see. Plus, it would be a wise business practice in general.

 

[Kellogg]

Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.

That wouldn't have helped anything.

While yes, its partially Stratics fault, its a blame that lie with people far in the past that aren't even here anymore and haven't been in a long time

Stratics was compromised, it was a real security threat, and I think the site should have been taken down and the stratics.com domain redirected to a "Down for maintenance" page, or something similar. That would have been the respectful and secure way to handle it, instead of leaving people open to attack and then downplaying the nature of the actual threat.

That wouldn't have helped anything.

Take your agenda elsewhere.
While yes, its partially Stratics fault, its a blame that lie with people far in the past that aren't even here anymore and haven't been in a long time

Wait. Not turning off the boards during the attack yesterday was the fault of people who left a long time ago?

Seriously?

I've run enough vBulletin sites to know, it's one click.

rolleyes:

Take your agenda elsewhere, folks.

I'm a bit confused. I thought they were discussing the topic at hand. Were you giving them a warning as a moderator?

If so, please educate us on what specifically was in violation with their posts so we can strive to avoid such infractions in the future. I ask this in public, and request the answer be in public, in case I wasn't the only one confused.

 

[kelmo]

I'm a bit confused. I thought they were discussing the topic at hand. Were you giving them a warning as a moderator?

If so, please educate us on what specifically was in violation with their posts so we can strive to avoid such infractions in the future. I ask this in public, and request the answer be in public, in case I wasn't the only one confused.

I am sorry you are confused. The topic is about Stratics being a risk. It is not.

Warning as a moderator? Defiantly.

If your system has been compromised, we want to hear about it. Perhaps we can help.

 

[Major Miner II]

Warning as a moderator? Defiantly.

Freudian slip there Kelmo old buddy?

And if it's only about whether or not Stratics put people at risk, you need to warn a buttload of people who posted in this thread.

Chop chop.

Or are LC and I just special?

 

[kelmo]

Leave the modding to us. *tips hat*

 

[Major Miner II]

Leave the fair and equal modding to us. *tips hat*

*fixed*

 

[kelmo]

This pertains to secure computers?

 

[Major Miner II]

This pertains to secure computers?

It did until you derailed it. lol

 

[Harlequin]

Harlequin, I'll make a sticky. The rest of your question will need a response I'm not qualified to give.

Thanks, no worries, my other questions were directed at George.

 

[Major Miner II]

Okay. To be fair, I just an email from Blizzard to the email account I have registered with Stratics. I haven't got one of these in YEARS! Now I have one less than 15 minutes ago.

Coincidence?

(good enough for you K-man? )

 

[Viper09]

Okay. To be fair, I just an email from Blizzard to the email account I have registered with Stratics. I haven't got one of these in YEARS! Now I have one less than 15 minutes ago.

Coincidence?

(good enough for you K-man? )

I have gotten e-mails for paypal, WoW, etc long before the recent problems with stratics. Same with a lot of other people here.

 

[Major Miner II]

Okay. To be fair, I just an email from Blizzard to the email account I have registered with Stratics. I haven't got one of these in YEARS! Now I have one less than 15 minutes ago.

Coincidence?

(good enough for you K-man? )

I have gotten e-mails for paypal, WoW, etc long before the recent problems with stratics. Same with a lot of other people here.

And it could be coincidence. But seriously. YEARS!

 

[Major Miner II]

I sent all the header info to George.

We'll see what he can make of it.

 

[Dutchhans]

Okay. To be fair, I just an email from Blizzard to the email account I have registered with Stratics. I haven't got one of these in YEARS! Now I have one less than 15 minutes ago.

Coincidence?

(good enough for you K-man? )

Same here, changed my email for Stratics a couple months ago, didn't get any of the Blizzard, and others on the new account, but had one since the infection of Stratics.

 

[rieley]

Please forgive me upfront, however I notice there are many post to read through. I am just now getting to read them, what I'm looking for is someone here that has the time to PM me and assist me with this problem.

My computer was hit with a horrible virus/trojan or something. Just this month I did an across country move and been extremely busy so had to just turn my computer off for a few days and cry about it.

I know nothing of these viruses, what I ended up doing was restoring my computer back to manufacture settings from the original disk. How it began, I think, was I was reading an email from this Blizzard about my account with them being used for illegal purposes. I dont have an account with them. As far as I can recall the only computering I did was email, stratics, and UO. Comcast had just connected my connection a day or two prior. So, as I stated I was still unpacking and not on the computer much, only to read mail and check out my UO.

If anyone has the time, could we PM? I'm uncomfortable with me restoring from the disk and not certain how to tell if I completely removed the trojan because I did have a firewall and virus program. I now have Norton which is provided with my new internet service.

I will read through these posts, and hope someone here will be able to PM that knows something about what I should look for or where to send me on the net.

Thanks much.

Dendra/Atlantic

 

[Viper09]

As far as I know those emails are only phishing attempts. Just opening them shouldn't infect your computer unless you download something. I never had an account with WoW when I got those emails. In fact every phishing email I had gotten, which was only rare, were for websites/games I had no association to.

I read those emails just for fun, seeing how horrible they are at phishing attempts I have never gotten any virus whatsoever from reading them. You could also just download a virus detection program. I use AVG, the free version, and I find it works very well.

 

[Kellogg]

I'm a bit confused. I thought they were discussing the topic at hand. Were you giving them a warning as a moderator?

If so, please educate us on what specifically was in violation with their posts so we can strive to avoid such infractions in the future. I ask this in public, and request the answer be in public, in case I wasn't the only one confused.

I am sorry you are confused. The topic is about Stratics being a risk. It is not.

Warning as a moderator? Defiantly.

If your system has been compromised, we want to hear about it. Perhaps we can help.

Still confused. It appeared to me that they were discussing the attack on Stratics. Is that not what they were discussing?

Please provide some education for us on this, as I suspect I'm not the only one confused as to what was done to warrant such a warning. It would help us avoid such unpleasantness in the future.

 

[ingsmsico]

Okay. What did my saying the boards could have easily been turned off do to merit your response?

oh, right they could have shut the board down and put a message on stratics.com explaining what was going on.

 

[ingsmsico]

what I ended up doing was restoring my computer back to manufacture settings from the original disk.

you did the right thing, that's the best way to deal with an infected computer.

 

[ingsmsico]

Windows 7 will run on some pretty old hardware. A P I or P II like that guy would probably not produce great results, but from everything I've heard it will run just fine on a P III.

And if you are going to upgrade your OS, unless you are running truly ancient hardware, I'd definitely recommend Windows 7 ahead of XP. I'd also recommend a Linux distro ahead of XP.

Put it to you this way. You could probably buy a used computer that would easily run Windows 7 for under $100. But if you are going to be spending $100+ on an OS, and $100 on a used computer, you might as well save up a little bit more and get a low end new computer that will include Win 7.

The whole point being that you shouldn't be running an OS that is no longer supported, and XP is almost ten years old, and it probably isn't going to be supported for too many more years, so if you are going to be upgrading your OS to another Windows OS, you should be upgrading it to Windows 7. And Windows 7 will run on just about anything that Windows XP will.

I would recommend XP w/ 512 ram on a PIII machine if you do not want UO to lag badly. I would not even bother with a Pentium II. as far as I know, UO does not run on Linux, so you would have to run it in Wine, and people just don't want the extra hassle of learning to use Linux, especially when XP is perfectly fine.

Frankly, if you are still using a Pentium 3 or 4 it is time to start thinking about upgrading to a modern PC.

I'm curious, do you run Windows 7, if so what do you run it on?

 

[Alvinho]

Alvinho, please check your personal details in your user cp. I think you are mistaken in what you have just claimed.

I just checked and i did make a mistake, my stratics accout is sent to a @yahoo addressee

 

[Cyric]

Okay. What did my saying the boards could have easily been turned off do to merit your response?

oh, right they could have shut the board down and put a message on stratics.com explaining what is going on.

fixxed =)

 

[SchezwanBeefy]

I think that instead of saying that players didn't get viruses just because no on one your team did (but a moderator said she DID get a virus from here, so I'm not sure about that), I think you should have just said that you'd help anyone who miht have gotten a virus from the site.
The site should have gone down, period, instead of risking something. It would have prevented a lot of bad feelings and possible viruses from the site. Different machines are susceptible to different things, after all.

 

[Lord Chaos]

Taking the site down wouldn't really have helped.

 

[Llewen]

I'm curious, do you run Windows 7, if so what do you run it on?

No, I'm not running Win 7 yet. I'm saving up my shinies to get it though, shouldn't be too long, Win Pro 64 is what I'm hoping to get. My computer is a low end dual processor (AMD Athlon II X2 240, 4GB DDR SDRAM - it's nice ram, 800mhz, OCZ, but don't remember the exact handle for it).

Anyway, it should run Win 7 pretty sweetly and I'll be able to take advantage of all my ram, right now some of it gets chopped off due to the limitations of 32 bit. Yes the limit is 4GB but that includes all forms of memory, including video ram, so I'm losing over 512MB of ram, not to mention the limit per process.

 

[Kellgory]

I noticed that some people are putting their ICQ numbers on their sigs and then if you look at their ICQ profile they have an email address listed. If your one of the people who do this, please make sure that email address isn't linked to any of your UO accounts. Just another precaution.

 

[Guido_LS]

I would recommend XP w/ 512 ram on a PIII machine if you do not want UO to lag badly. I would not even bother with a Pentium II. as far as I know, UO does not run on Linux, so you would have to run it in Wine, and people just don't want the extra hassle of learning to use Linux, especially when XP is perfectly fine.

Frankly, if you are still using a Pentium 3 or 4 it is time to start thinking about upgrading to a modern PC.

I'm curious, do you run Windows 7, if so what do you run it on?

The CC and UOA run fine under Linux, on a P3 laptop, for that matter Haven't tried the EC, nor do I intend to. And anymore, the hardest thing about a Linux setup for a novice wanting to do the basics is learning how to burn an ISO. Otherwise, it's as easy, or easier, than Windows.

Another major benefit of Linux - unless one is running a VM or Crossover, they aren't susceptible, in the least, to what just happened here.

 

[Gilmour]

3 good general advice to keeping integredity of your pc.

1. when reciving emails with links, always make sure that the links you click are actual links to official webpages.

senders email adress is easely made to look official, so never trust that.

they sometimes succeed in disquising the link to IE. www.ea.com as other things, this is easely done, but modern mail clients usually catch it as phising. but check anyways. when you hover the link should say the url, make sure its to a trusted site and not u1tim4.com fx.

2. dont visit stupid webpages.. if going to a webpage you unsure if secure or not, type the url in google, if there is an icon to indicate the site is safe it is safe and you can click the link. if not then never go to that page.

3. keep antivirus or security package on your pc and keep it updated. if your security package doesnt have a firewall this normally a good idea to get seperatly, windows firewall has improved since xp but personally i still do not trust it blindly.

few good general advice to keeping integrety of your pc.

Greets
Gil

 

[Kaleb]

Linux Mint or Ubuntu , Never worry about anything!!!

 

[SchezwanBeefy]

Taking the site down wouldn't really have helped.

How would it not have helped? That is ridiculous.

 

[Lord Chaos]

Perhaps, either way, its over now.

 

[Borric]

Its only over if Stratics has plugged their security holes. I have just finished my first year of a programming degree, so I am not an expert at all. However, it sounds like Stratics has a form on the forum somewhere that does not have the proper data validation. How else would someone "inject SQL" commands into their (presumably secure) database without a username/password?

 

[SchezwanBeefy]

Perhaps, either way, its over now.

You can't even say how it would not have helped.
It would have helped if they took the site down and put up a maintenance warning.
Stop posting if you have nothing valuable to say.

 

[Ilysess]

Its only over if Stratics has plugged their security holes. I have just finished my first year of a programming degree, so I am not an expert at all. However, it sounds like Stratics has a form on the forum somewhere that does not have the proper data validation. How else would someone "inject SQL" commands into their (presumably secure) database without a username/password?

As you yourself stated, you are only just in the beginning stages of your education and are not an expert. The Stratics network is an extremely complicated group of fully modified forums that have been altered and adjusted over the years to suit our unique needs. Noone is going to come on here and explain the exact details of how things can occur to every user who thinks they should know.

For the many individuals who are complaining about the boards not being taken down, the statement issued by George etc, please take a step back and recognize that just as the individual above does not comprehend our systems fully, nor do any of you.

Yes you may feel that things should have been done differently, but ultimately it was not deemed necessary, and no amount of complaining after the fact is going to change that.

Also it is worth mentioning that at no point did George state users were not infected, what he did state was that we took extensive measures on our end and feel confident that the mass number of issues people are reporting are not a result of Stratics, HOWEVER, if you are someone who feels they have information worth looking into, to please contact us.

It seems that many individuals want to keep a battle going over this issue, when ultimately nothing can be changed about the way it was handled, the way posts or reports were made, or any other portion of the ordeal.

Everyone is entitled to their opinion, and as always people on the outside looking in feel that they have better ideas, could have resolved it faster whatever.

Whether anyone agrees or disagrees with how things were handled, it is over with and Stratics has made their best effort to offer assistance to anyone who feels they were affected. As previously stated, if you are someone who feels they have a genuine concern please bring it to our attention.