 |
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||
  |
| Wikitaka |
 Fri 16th March 2012, 9:43pm
Post
#1
|
|
New Member  Group: Contributors Posts: 24 Joined: Fri 9th Mar 2012, 9:47pm Member No.: 76,720  |
How great is the possibility of a database hack attack on WP by e.g. LulzSec, Anonymous, etc that would retrieve the full user list with passwords, etc and the "top secret" areas like CU, ArbCom, Jimbo's files, and so on?
You don't have to be an Einstein to know that it would be an interesting (and shocking) read...  |
   |
 
|
| jsalsman |
Fri 16th March 2012, 9:55pm
Post
#2
|
 New Member Group: Contributors Posts: 45 Joined: Tue 21st Feb 2012, 6:57pm Member No.: 76,279 |
QUOTE(Wikitaka @ Fri 16th March 2012, 3:43pm)  How great is the possibility of a database hack attack on WP by e.g. LulzSec, Anonymous, etc that would retrieve the full user list with passwords, etc QUOTE and the "top secret" areas like CU, ArbCom, Jimbo's files, and so on? Well, that has happened and will probably continue to happen periodically. All the sensitive email lists are distributed to many people by email, and few of them take the kind of precautions that most people named in those emails would probably prefer. Until that changes, it's probably safer to use a pseudonym for your email as well as your wiki accounts if you have anything to lose by exposure. |
|
|
|
| Wikitaka |
Fri 16th March 2012, 10:00pm
Post
#3
|
|
New Member Group: Contributors Posts: 24 Joined: Fri 9th Mar 2012, 9:47pm Member No.: 76,720 |
The easiest way, but one of the most unlikely ways to get further access to the ArbCom/CU mailing lists would be creating a Gmail account in the name of an arb/CU, sending an E-mail to the mailing list saying that the e-mail of the arb has been compromised and has to be removed from the mailing list urgently while the account you are using is given access.
Highly unlikely, but you never know with the Arbs.... |
|
|
|
| carbuncle |
Fri 16th March 2012, 10:00pm
Post
#4
|
 Fat Cat Group: Regulars Posts: 1,601 Joined: Sun 30th Mar 2008, 4:48pm Member No.: 5,544 |
QUOTE(Wikitaka @ Fri 16th March 2012, 9:43pm) How great is the possibility of a database hack attack on WP by e.g. LulzSec, Anonymous, etc that would retrieve the full user list with passwords, etc and the "top secret" areas like CU, ArbCom, Jimbo's files, and so on? You don't have to be an Einstein to know that it would be an interesting (and shocking) read... Nobody outside of WP circles would be even vaguely interested. Inside WP circles, however, some people would get very nervous. Having your username, email, and password exposed tends to make people feel that way. I doubt there would be much damaging WP-related info that could be gleaned from that kind of a data leak (short of people using the same email for their sockpuppets). I don't think this is in the cards - where's the attraction for someone with the skills to do it? After all, this isn't script-kiddy territory where someone can just look for known, unpatched exploits. They would have to actually do some work. |
|
|
|
| barney |
Sat 17th March 2012, 6:16am
Post
#5
|
|
Neophyte Group: Contributors Posts: 6 Joined: Fri 16th Mar 2012, 9:39pm Member No.: 76,900 |
What about all these automated tools Wikipedians use like Twinkle or whatever? Seems like those would be a prime way to attack WP, for a skilled hacker.
|
|
|
|
|
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:
|
Lo-Fi Version | Time is now: 23rd 5 13, 8:35pm |