Log inRegister an accountBrowse CSDbHelp & documentationFacts & StatisticsThe forumsAvailable RSS-feeds on CSDbSupport CSDb Commodore 64 Scene Database
You are not logged in - nap
CSDb User Forums


Forums > CSDb Questions > Database/PM possible breach
2021-06-18 13:47
Jammer

Registered: Nov 2002
Posts: 1335
Database/PM possible breach

Question first of all to Perff, I suppose.

Is it possible that content of users' PMs can be breached in any way? Or are links shared in PMs stored in any separate cache, table etc.?

I don't want to go into much details on this but years ago I worked with very talented scener on really cool game, being responsible for audio part as usual. After couple of years, he sent me (and as I heard only me) a PM with link to recent build inside. And, before I could practically do anything with it because of my temporary hardware troubles, link was already retrieved by crackers. Some bogus crack group released but it's already figured out which guys cracked it actually.

I don't want to throw accusations around yet so I write in general tone but this crack was all in all done at expense of me having civil if not friendly relationship with aforementioned scener, and he will probably never work with me again. The way of obtaining the original supply was truly low and despicable. Is it how crackers roll nowadays? :( How safe are PMs here?
 
... 11 posts hidden. Click here to view all posts....
 
2021-06-18 16:04
Jammer

Registered: Nov 2002
Posts: 1335
And well known crackers usually release stuff under some shady alias? :D That's an instant red flag it was done beyond any community standards and they knew it would not be welcomed very well.

LAMERS!
2021-06-18 16:17
Count Zero

Registered: Jan 2003
Posts: 1927
Not wanting to defend those "lamers" or answer instead of Perff but I have seen some funny leaks already. Public repository is just a normal facepam there. The "Maxthon" download manager tells all DL urls it finds to china even :)

Let's see whats the next step whenever Perff likely answers that moderators are not able to access private PMs and admins dont do that (as they simply have no interest in cracking scene issues).

(Currently we are not aware of a data breach - of course: ANYTHING that would point to such we'd investigate instantly.)
2021-06-18 16:35
iAN CooG

Registered: May 2002
Posts: 3187
It's kinda weird finding someone still thinking that crackers have any need to show respect to anyone, the fact they are releasing ILLEGAL alterations of original software with the sole intent to make it free despite the laws telling not to do so, does make you think otherwise? They are no gentleman and don't care about your economic loss or anything else about you.
2021-06-18 16:49
Jammer

Registered: Nov 2002
Posts: 1335
Quoting iAN CooG
It's kinda weird finding someone still thinking that crackers have any need to show respect to anyone, the fact they are releasing ILLEGAL alterations of original software with the sole intent to make it free despite the laws telling not to do so, does make you think otherwise? They are no gentleman and don't care about your economic loss or anything else about you.

If you say so... :D Why not publish all download links here then and take a nice big dump on devs' work? After all, crackers are deprived of all humanity and C64 games are not profitable anyway, following your nihilistic take on the problem.
2021-06-18 17:09
iAN CooG

Registered: May 2002
Posts: 3187
infact some of us share CSDb hidden links in other places (not that they are hard to derivate empirically anyway), CSDb is nice to devs, we don't have to =)
2021-06-19 11:24
TheRyk

Registered: Mar 2009
Posts: 2220
Crackers crack, damn sobs

However, don't find it very LIKELY they hack PMs for doing so, but that's not much more than a feeling, you can definetely be sure though that no mod/admin accesses your PMs at all, not to speak of leaking it to them cr4xXor2

More likely: Game devs nowadays put all ther WIP on Github and rather carelessly babble about it on forums or maybe IRC. Always big fun when these guys freak out about being cracked, as they really begged for it by leaking.
2021-06-19 11:53
F7sus4

Registered: Apr 2013
Posts: 117
Quote: Initially it was supposed to be PM to Perff. But I decided to call some stinky shit out publicly for educational purpose ;) That's why I skipped groups/names etc. for now, but I do hope that people who resolve to such low tactics have a little sweat on their necks already.

I do sympathize, yet it feels like there's key context missing.

It just would be very odd (which is a different way to say "extremely unlikely") to target specific person's PMs (yours) and coincidentally get into position of finding a secret link with a release when tons of them are being shared between people here on a daily basis, including unfinished demos/music sketches etc. and... nothing happens.

In my opinion, the file was grabbed from the main source after the link was generated and not via your PMs, though it partially depends on what kind of link it was. We can discuss the likeliness of downloading Google-drive stuff with protected access etc. but if you simply put a file on your private server, there'd be bunch of download attempts the very same day or even shortly after. If you're associated with demoscene and have a nice website of yours, the chances that it's being sneakily browsed is surprisingly high.

What I'm trying to say is that your friend himself/herself was probably the person that unwillingly allowed the leak to happen. I do understand where the angry tone comes from, but at the same time it would be good to acknowledge that it might be roaring at the wind.
2021-06-19 14:12
Jammer

Registered: Nov 2002
Posts: 1335
That's the most rational explanation. But it's also possible that some wiseguys have tools that scan things bruteforce on daily basis if anything comes by. Like this :(
2021-06-19 16:28
chatGPZ

Registered: Dec 2001
Posts: 11365
Quote:
But it's also possible that some wiseguys have tools that scan things bruteforce on daily basis if anything comes by.

scan what? your PMs? how?
2021-06-19 20:31
Perff
Administrator

Posts: 1679
PM'ed Jammer. :D

But I hope CSDb is as secure as one would expect, and private messages are private. At least that is the idea. :)

If anyone finds a xecurity breach, feel free to contact me. Thanks!
Previous - 1 | 2 | 3 - Next
RefreshSubscribe to this thread:

You need to be logged in to post in the forum.

Search the forum:
Search   for   in  
All times are CET.
Search CSDb
Advanced
Users Online
Hoild/Ultimate Newco..
Jazzcat/Onslaught
Magnar
grennouille
Higgie/Kraze/Slackers
sachy/BOOM!
Guests online: 94
Top Demos
1 Next Level  (9.7)
2 13:37  (9.7)
3 Coma Light 13  (9.7)
4 Edge of Disgrace  (9.6)
5 Mojo  (9.6)
6 The Demo Coder  (9.6)
7 What Is The Matrix 2  (9.6)
8 Uncensored  (9.6)
9 Comaland 100%  (9.6)
10 Wonderland XIV  (9.6)
Top onefile Demos
1 Layers  (9.6)
2 Party Elk 2  (9.6)
3 Cubic Dream  (9.6)
4 Copper Booze  (9.6)
5 Libertongo  (9.5)
6 Rainbow Connection  (9.5)
7 Onscreen 5k  (9.5)
8 Morph  (9.5)
9 Dawnfall V1.1  (9.5)
10 It's More Fun to Com..  (9.5)
Top Groups
1 Performers  (9.3)
2 Booze Design  (9.3)
3 Oxyron  (9.3)
4 Nostalgia  (9.3)
5 Triad  (9.3)
Top NTSC-Fixers
1 Pudwerx  (10)
2 Booze  (9.7)
3 Stormbringer  (9.7)
4 Fungus  (9.6)
5 Grim Reaper  (9.3)

Home - Disclaimer
Copyright © No Name 2001-2024
Page generated in: 0.048 sec.