So, the
hacker attack on Familjeliv left me a bit drained. Mostly because of the
nonchalance of the people on Familjeliv. Here’s the rundown:
A hacker found a nice little hole in the
session cookies at large, parent-targeted Swedish forum Familjeliv.se, and
decided to take action. According to the first hacker, he did NOT want to do
anything malicious, but as Familjeliv.se didn’t heed his previous warnings
about this hole, he decided that drastic action was called for. Adding a little
extra code to the session cookies, he could basically hijack anyone’s account and
surf around pretending he was them. He, and he alone, did this Sunday night,
doing nothing but demonstrating what could be done with that hole. As far as I noticed,
he stuck to one forum thread that night, only replying to other users that
posted in his thread. That thread, however, was shut down late Sunday night. Monday
noon, when I first logged in, he was at it again, this time more persistently.
He maintained, however, that he meant no harm and only wanted familjeliv.se to
take some action. I here suspect that he himself is a member of the forum, and
really was only concerned with his own and other forum members safety. Over the
course of Monday afternoon, though, things escalated. I cannot say, and do not wish
to speculate on, whether or not it was the original hacker who posted the hack
on the other largest (far larger and broader) forum targeting a Swedish audience,
Flashback.se, but it ended up there somehow. After that, users of Familjeliv.se
got their accounts hijacked left and right, their accounts were used to post
things they did not support, some people were “outed” in threads where they
wished to be anonymous, and so forth. Fortunately, this seems to have amounted
to some more or less harmless inconveniences, and the worst of it seems to have
amounted to one user having their password changed. Some people might have to
regain some reputation. Personally, I only had a couple of posts written by
myself to myself, and a lot of forced logouts by… well, someone. Exasperating,
to be sure, but harmless.
The worst bit about this hacker attack was not
the attack itself, but rather the MASSIVE silence from Familjeliv.se. They
deleted some threads the hacker started to show what he had found, but refused
to say anything on the subject. I say refused, because today, an internet news
site publicized a short article on the subject, where they had also interviewed
the boss of familjeliv.se, where she stated that “We were aware of the problem
as of 18.00 Monday night and the problem was fixed at 18.19. It took us 20
minutes to come up with a fix. This is no big deal, our users needn’t worry.”
Yeah, I call bullshit. As I stated above, the hacker had already been in the
night BEFORE and he had had forum threads DELETED the night before.
Familjeliv.se were CLEARLY aware of the problem. So, here’s my guess: It was Sunday
night, Easter, and they couldn’t be less bothered. It can WAIT. Let it wait
till after Easter (which would be today, Tuesday). That’s my guess at their
reasoning. However, and I don’t know how much this has anything to do with
their more expedient handling of it all, I didn’t want this to get any worse,
and decided to take action. Now, I’m just a lowly member of a forum that doesn’t
even have a member rep system, but I started a forum thread, calling attention
to the problem and stuck to my guns on it. I did not let this “can’t-even-promote-threads-to-sticky-forum”
defeat my will to reach as many of the users as possible. To make sure my
thread, which gave information not only that the hacker attack had occurred but also what to do to make
sure the hackers didn’t use any given user’s account, didn’t get lost in the shuffle,
I forfeited my work, my poker tournament and my dinner for it. Of course, other
users soon came in, helping me out, for which I am very, very grateful. You all
have huge amounts of my gratitude, and you should have Familjeliv.se’s, as well.
And still, Familjeliv.se has barely commented on the attack… They posted ONE
lousy, tech-speak-laden forum thread in which YOU CAN’T EVEN ASK ANYTHING
ABOUT THE INCIDENT! It’s locked for comments. Not because it got flooded with
questions, it’s empty. The questions land instead, of course, in my forum
thread. Hopefully, they get answered (I must here apologize for not being available
in the thread, I have had connectivity issues as well as log-on issues….)
So, that
became a long rant. I probably had more to say, but if so, it’s gone now. I
hereby want to thank all the forum users that made sure my thread about the
incident didn't get lost in the shuffle, and give my promise that if this ever
happens again, and I notice it, I WILL make sure you know about it and I WILL
be badgering the support team about it.
Yours sincerely,
Aniiee
Oh, and…. Don’t
go too hard on the mods about this. They were just as vulnerable as anyone
else, and there are not nearly enough of them to be everywhere all the time.