essendoubleop

I went over that list at the request board before it disappeared and I tried entering one of the passwords. Here is a message I got after entering it into one of the websites...

Security Violation! "You have attempted to enter a secure area (/members/) with an stolen username/password.


Then it said something about how the situation would be examined. And then it listed my IP address and a local address. So am I fucked?

MSD

If they scare you into believing that they're going to get you, then they won. It's not going to happen, it never has happened to anyone.

Giltwist

There is a lot of really simple code to show your local information and they never even need to send that info to the server.

Fremen

Yup, like the one sixate posted a while back.
It showed your IP address, your isp and the browser your're using.
It insults your choice, too.

__________________
Google

Hrothgar

Just use a proxy next time.

__________________
The fortunes of war favored Hrothgar.

gonadman

A similiar thread was posted a while back. I think the huge volume of hacked PW negates any attempts to prosecute individuals.
Also it would cost them more than the couple of bucks mem fee they could demand for your transgressions!

__________________
For me there is only the traveling on paths that have heart, on any path that may have heart. There I travel, and the only worthwhile challenge is to traverse its full length. And there I travel, looking, looking, ...breathlessly.
-Carlos Castaneda

Sapper

Actually ... I worked with a guy who operated a website that nailed every person who used stolen account info. He didn't seem to ever sleep ... but sure did get lots of $$ in settlements

__________________
rm -f /bin/laden

crewsor

And I worked with a guy with a 30 inch cock. I never actually saw it but thats what he said.

__________________
We all have wings, some of us just don't know why.

gonadman

LOL

__________________
For me there is only the traveling on paths that have heart, on any path that may have heart. There I travel, and the only worthwhile challenge is to traverse its full length. And there I travel, looking, looking, ...breathlessly.
-Carlos Castaneda

Halx

Being the webmaster of a popular paysite... I must say your friend must not have had many offenders. It would be near impossible to function if we went after every offender that abused a password from our site. Besides, it's near impossible to tell if the person accessing the stolen account is the actual owner or not, so the whole issue is fuzzy.

__________________
You have found this post informative.
-The Administrator
[Don't Feed The Animals]

The_Dude

you work with Halx?

...kidding.

hobo

Could you repost that code? It sounds cool and I like to make fun on Netscape users.

Fremen

Heh, sorry hobo, I don't even remember which of the forums it was in, let alone which thread.
You might pm sixate to see if he has it.

The only reason I remember the post was because I used the code in my sig on another board and it got my super-mod duties stripped from me for a while.
It caused a few members to panic, thinking every Tom, Dick, and Harry was looking at their personal info.
Not one of my brightest moves.

__________________
Google

wflol

it's a s care tactic, looks like it worked

mrap1

Assuming that a website did want to prosecute a person for using a hacked password, are you saying that the max they could get is their standard membership fee? Could a site sue a regular user (not a hacker or cracker) and realistically expect to get a large settlement?

nanofever

Just mosey on down to the exhibition forum if your curious...

__________________
I'm leaving for the University of California: Santa Barbara in 5 hours, give me your best college advice - things I need, good ideas, bad ideas, nooky, ect.

Originally Posted by Norseman on another forum:
"Yeah, the problem with the world is the stupid people are all cocksure of themselves and the intellectuals are full of doubt."

tritium

Man, it occurs to me that there might be a significant demand for a service to hacked sites that would track down information on this kind of stuff. Kind of like a bounty hunter service that would take a portion of whatever settlement was reached between the site and the transgressors... maybe keep a lawyer on staff to file the paperwork.

Paysites would hand over lists of offending IPs, and from there, the service would track the IPs for multiple attempts (wrong ID/pass several times) and then track down the offender to gather info... meager 50% fee charged for the detective and lawyer services, of course.

What do you all think? Might start a thread in computers to discuss this idea a little further...

__________________
Blah.

tritium

Wrong. In most states, there are laws in place for a website owner to gather damages for a hack. In Virginia, for example, a webmaster can prove that the hacked password was used by multiple individuals and that this was a loss of income (from the multitude of lost yearly memberships). Additionally, since it can be argued that a paysite's unique content is the only thing that distinguishes it from other sites and that this forms the basis for its membership appeal, a hacked password ruins the mystique that leads to new memberships -- this is, also, a damage to be compensated for (precise numbers are impossible to generate -- but an absence of memberships is usually compelling but its hardly important how many there MIGHT have been had the hack NOT occurred when courts want to make examples of hackers). This applies to more than just porn sites, and is particularlly painful to websites that explain how to do things -- think of how-to real estate forums and such. Whether you like their content or not isn't important; that they had a unique concept or information to sell that is, now, violated is important. The basis for income is gone. It's almost like forceablely releasing patented or copyrighted material into the public domain.

Remember that under current legislation, virus programmers and hackers are, by the letter of the law, terrorists. Be very careful when you do stuff like this.

__________________
Blah.

mrap1

What you're saying sounds resonable, but it also sounds like it applies more to the hacker or cracker that gives the password out. I was wondering more along the lines of what the penalty would be for someone using a password that they find on irc or a message board.

Surely if someone uses a pass that they find somewhere they can't be charged with "ruining the mystique of memberships". The most damage such an individual would cause is whatever bandwidth s/he used in downloading the content. Therefore, wouldn't it be reasonable that the most such a person could be fined is the standard cost of the site's membership?

Although, with the DMCA I imagine that websites could also make a case for copyright infringement which would then incur greater penalties.

essendoubleop

Okay, well just to be on the safe side, how do I set up a proxy? I have a 56k connection, Windows XP, and MSN if any of that matters.

Dano069

They'll get my stolen passwords when they pry them from my cold, dead hands!

__________________
I may look attentive, but I'm taking peeks down your blouse faster than the human eye can follow.

skysooner

Prosecuting and lawsuits are a whole lot more complicated than they appear. The burden of proof is difficult, and it costs a ton of money to litigate. This is why there are so many out of court settlements (better for both parties). However, there is really no upside for a website operator to prosecute on something like this, so it is kind of like a car alarm that everyone ignores (noisy but with little repercussion).

tritium

It's still constitutes illegal electronic trespassing. There's your criminal action.

__________________
Blah.

japhyryder

I would think it would definately not be worth it. Kinda the RIAA going after everyone, not just the big uploaders. To much work, to little results.

__________________
It's only entertainment, someone's sick idea of a joke.

WannabeTFP

Would have certainly scared me.

MacGnG

eh, no big deal

cowudders14

Put it this way - I've used loads of them, and seen that scare tactic page appear numerous times. I've never heard anything back!

__________________
Moo! I'm mooey!

Random_

Hmm... for me, some dick on IRC told me to use this pass on sexkey( I don't know why, but when your on IRC your real bored), so next thing you know they tell me that they have my IP and MIGHT prosecute me and all that jibber jabber. Even gave a link to FBI. That was 15 minutes ago, so I turned off all my IE windows, and cleared all my temp files and offline content,lol. Well, I geuss they won, cause it scared me shitless for about 10 minutes, until I realized that this password has probably been passed around to like 5 million people, not only that but people can make IP fakers. Think they are just deterring the use of these passwords to be honest, but I'm still slightly worried, but screw it. I didn't download anything or do anything but try to login... what are they going to pin on me, intention of maybe trying to possibly do something or maybe steal something off their site?

Random

JStrider

someone mentioned wanting this...

__________________
-=JStrider=-

~Clatto Verata Nicto

Blackthorn

HYSTERICAL! Hey by chance his name wasn't Halx was it?

__________________
What are you willing to give up in order to get what you want?

macmanmike6100

another two cents to say what has already been said (hopefully, there's reinforcement in numbers): no worries!

they won't pursue legal action against you.

whocarz

I prefer to spoof a website rather than use passwords.

__________________
If there exists anything mightier than destiny, then it is the courage to face destiny unflinchingly. -Geibel

Despise not death, but welcome it, for nature wills it like all else. -Marcus Aurelius

Come on, you sons of bitches! Do you want to live forever? -GySgt. Daniel J. "Dan" Daly

cowudders14

[OT] Jstrider - can I have the code for that IP and browser thing please? That's of course assuming it's not anything copyrighted? I'd love to put it on my website!

I tried PM'ing you and emailing you but apparently you don't accept either??

Thanks!

__________________
Moo! I'm mooey!