Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - Astounding

Pages: [1]
A quick search didn't show me any threads dealing with the April 2011 hack of this forum, wherein 6000 email addresses and hashed passwords were stolen.  I found out about it when my email address started receiving spam.  I only use that address here, nowhere else, and I have never shared it or posted it or made it public.

ANYONE with a SIMPLE password whose email address is one of the 6000 addresses should log in and CHANGE their password.  Even though the passwords appear to be hashed (MD5?  SHAx?), a quick dictionary attack will reveal the passwords.  I assume that this has already happened months ago.

Looking through the forums, I saw that at least one user reported his/her account was hijacked/stolen.

Site administrators, I'm curious as to what actions you have taken since April to close the security hole the hacker used.  Was it a forum software bug that a subsequent upgrade has made secure?

If you wonder if YOUR email address was one of the 6000, check here:

Here are a few 'blog and web posts about the hack:

Thanks for any/all info.

Aaron out.

Brandon Sanderson / At the Aug. 18 Provo Waldenbooks Signing
« on: August 23, 2007, 02:12:01 AM »
I enjoyed meeting Brandon briefly at his book signing at Waldenbooks in Provo.

While he was answering another fan's question, I caught a video clip (very shaky, but hey, I'm no pro) of his answer about future Elantris books.  Currently it's in MPEG4 format (iTunes/Quicktime should be able to play it, or VLC Player) and hosted on my own web server at my house (think DSL upstream connection - slooow - so patience is necessary).  If anyone wants to repost it to some service like YouTube feel free.

Here's the link:

And a screen capture from the video:


Even waiting in line was fun, as it was a chance to make new friends and meet other Sanderson fans!

Aaron out.

Pages: [1]