Gmail was hacked, was this site hacked?

[tornado9015]

Simply not true. See, for example, this Wired article by Bruce Schneier. See also tools such as John the Ripper.

You took my reply severely out of context.
Quoted from the link you sent.
"How good is all of this? Eric Thompson estimates that with a couple of weeks' to a month's worth of time, his software breaks 55 percent to 65 percent of all passwords. (This depends, of course, very heavily on the application.) Those results are good, but not great."

Like I said, this strategy is simply not even remotely practical for almost all accounts. The user who is complaining about his account being hacked said that it was used to send out spam. Does that end result really seem worth a 55% chance that 2-4 straight weeks of using a computer for no other purpose than guessing his password will actually work?

 

[champions]

Another thing you could try for a more secure password is using a random string of numbers, letters and special characters, then keeping a physical copy of this password in a safe place that is unusual (i.e. not under your keyboard, on a sticky note on the screen, etc. i use this method for a very few websites and i have a copy of it saved in my voicemail.) I change this password every thirty days like clockwork, and i also change my hiding spot (i'll hide it in plain sight often times, such as the book shelve in my house has a find-a-word style puzzle book that is never used. i'll go through it and circle random letters and add numbers at the end of the rows. no one would think to look there).

.

Another thing to remember is don't allow Firefox/Opera/IE to remember your password. Yes, nearly any password is crackable if enough time is spent, but most people aren't going to spend an extreme amount of time to crack a password for something as unimportant (don't jump me sports fans) as ECF. So usually just having a hard-to-guess/crack password is security in and of itself. If your password can be cracked in a few minutes, why not? If it takes many hours, is it truly worth it?

Hope it's helpful.

Paranoid?? lol. jk. I really should put more thought into my passwords, but I'm always scared I will lose it or forget it on things where I only need to sign in every six months. this forum, for example; I signed in the day I opened the account and couldn't tell you the password right now. Fortunately I'm sure that there is a link I could click to help me recover it. To me thats even scarier. How hard is it for someone to find out my mothers maiden name, or my first school, or my first pets name.

If they really want the password they'll get it. Especially with key loggers etc...

 

[HzG8rGrl]

How hard is it for someone to find out my mothers maiden name, or my first school, or my first pets name.

If they really want the password they'll get it. Especially with key loggers etc...

I never give the real answers for any of those questions.

 

[NCC]

I'm just curious Damname, do you believe in aliens?

There's no question in MY mind that life, including intelligent life, exists elsewhere than Earth. Nowhere near as likely that any of them frequent our home planet, but there's little question that they exist in the Universe.

And, your question to the OP was ridiculous, infantile, and insulting to anyone with half a brain. What has the OP's thoughts concerning extraterrestrial life got to do with post #1 in any form or fashion?

 

[tornado9015]

There's no question in MY mind that life, including intelligent life, exists elsewhere than Earth. Nowhere near as likely that any of them frequent our home planet, but there's little question that they exist in the Universe.

And, your question to the OP was ridiculous, infantile, and insulting to anyone with half a brain. What has the OP's thoughts concerning extraterrestrial life got to do with post #1 in any form or fashion?

The question was probably regarding the OP's avatar.

 

[NCC]

The question was probably regarding the OP's avatar.

No question about it.

And, perhaps I read more into the question than was intended and over reacted. If so, my apologies. But, I doubt it. Just reminded me of the dirty question asked of Kucinich, especially considering the flak the OP was already receiving for post #1.

 

[Timtam]

We are not trying to give anyone flak, or belittle anyone in any way. Computer security is something which is always severely overlooked by everyone.

 

[DaveP]

Computer security is a personal responsibility. There are great FREE tools to accomplish this.

Microsoft Security Essentials is my favorite free package. It scored in the same top levels as Symantec (Norton) and MacAfee. MSE is effective and also detects signature viruses, runs quietly in the background, auto updates (if you wish), runs automatically or manually, and doesn't slow down your machine.

Malwarebytes is a good free removal tool that also detects incoming threats (if you purchase the paid package).

Spybot Search and Destroy is a must have. It will immunize you PC against over 125,000 threats and will scan, find, and remove threats. Spybot is free and works on a donation basis. Recommended!

Just having resident checkers is not enough. You actually need to run scans at least once a week. These will run in the background while you surf, so they are not intrusive to your computer usage.

I spent an afternoon last week sanitizing a distant relative's netbook that contained several nasty invaders, including a rootkit boot sector virus that required a specialized removal tool. This netbook was impossible to use because of pop-ups that occurred with every keystroke! I was able to boot into safe mode and remove the major threats. Then I had to search the registry to manually remove references that re-installed the boot time infections. It took a combination of approaches to clean it, then I had to deal with the infected boot sector. Don't let this happen to your computer ... run AV and spyware packages and allow them to equip your browser with safe site tags.

Be safe!

 

[BadThad]

Computer security is a personal responsibility. There are great FREE tools to accomplish this.

Microsoft Security Essentials is my favorite free package. It scored in the same top levels as Symantec (Norton) and MacAfee. MSE is effective and also detects signature viruses, runs quietly in the background, auto updates (if you wish), runs automatically or manually, and doesn't slow down your machine.

Malwarebytes is a good free removal tool that also detects incoming threats (if you purchase the paid package).

Spybot Search and Destroy is a must have. It will immunize you PC against over 125,000 threats and will scan, find, and remove threats. Spybot is free and works on a donation basis. Recommended!

Just having resident checkers is not enough. You actually need to run scans at least once a week. These will run in the background while you surf, so they are not intrusive to your computer usage.

I spent an afternoon last week sanitizing a distant relative's netbook that contained several nasty invaders, including a rootkit boot sector virus that required a specialized removal tool. This netbook was impossible to use because of pop-ups that occurred with every keystroke! I was able to boot into safe mode and remove the major threats. Then I had to search the registry to manually remove references that re-installed the boot time infections. It took a combination of approaches to clean it, then I had to deal with the infected boot sector. Don't let this happen to your computer ... run AV and spyware packages and allow them to equip your browser with safe site tags.

Be safe!

Decent programs, I also recommend SpywareBlaster and SuperAntiSpyware. Blaster is not a scanning tool, but a blocking tool that stops a lot of crap from even getting on your system. SuperAntiSpyware is one of the best scanning tools out there. Both programs are FREE.

 

[rolygate]

When choosing security applications and especially a security policy, it's best to go with advice from security professionals and expert users who specialize in this area. In particular, since benchmark tests are available in more quantity than for any other consumer product area, we should perhaps look at these results before deciding. Back in 2000 I would have advised people to look at Gibson Research, for example, but now Gizmo's and Matousec do a better job. Gizmo's also advises on a security policy depending on OS and user experience, which I think is a good thing, since a Windows 2000 user needs different advice from a W7 user, and a beginner cannot use apps suited to an expert.

Benchmark testing also allows us to eliminate older and less-capable apps, and some of those mentioned in this thread have poor performance today, as proven in tests.

SuperAntiSpyware is an old favorite and still works well, but its performance with rootkit-generated executables is not as good as that of A-Squared and Prevx. The tough ones to find and get rid of now are the rootkits so I feel this aspect needs more emphasis. The rootkit scanner page on Gizmo's is worth looking at. Note that you can run antivirus scans and antispyware scans to your heart's content, but they won't find the rootkits, which can still be phoning home if you don't have a full firewall and rely on the Windows semi-firewall.

 

[Kent C]

SuperAntiSpyware is an old favorite and still works well, but its performance with rootkit-generated executables is not as good as that of A-Squared and Prevx. The tough ones to find and get rid of now are the rootkits so I feel this aspect needs more emphasis. The rootkit scanner page on Gizmo's is worth looking at. Note that you can run antivirus scans and antispyware scans to your heart's content, but they won't find the rootkits, which can still be phoning home if you don't have a full firewall and rely on the Windows semi-firewall.

Hey thanks Roly. I haven't revisited this area for a while and am running Super Anti-spyware. (knock on wood - no problems) but I'm going to check out the products mentioned.

 

[tribalmasters]

What about ComboFix would you say that is good? It seems to do good, showing what nasty rootkits its ripping to pieces as it goes along in its blue DOS box!

I hear some have experienced broken Windows with it but I have never seen it do that!!!

 

[rolygate]

TM,
Go to this link:
Best Free Rootkit Scanner/Remover

Read the comments: #43108 and following, especially #43180.

Apparently ComboFix is super-buggy although when/if it works, it can be excellent. Also note that there are some scam sites called combofix.net and similar that have compromised versions with rootkits kindly added for your pleasure - only download it from Bleeping Computer. The main use of it seems to be something along the lines of HijackThis, you need someone to interpret the logs. If you're unlucky it will lunch your PC, it did for the rootkit guy at Gizmo's, luckily he knows how to rebuild W7. I guess that means don't use it on W7.

By the sounds of it, when it works, it's good - but it's risky. There are safer ways.

 

[Automaton]

Things like this are why I love Linux.

In the past year or two, Desktop Linux for your average user has finally become a reality. Linux Mint FTW.

If you're just reasonably sensible about it... you can really calm down about viruses. It's so nice.

I won't pretend to understand a large part of what was said. Bits and pieces, but I'm no geek.

I know how to make a good password, I know what not to click, etc.

I was much more cautious when I was running Windows, running Avast, blah blah blah, and I was still clearing out trojans and spyware and crap every couple months.

Now? Nothin'. Nada. Zip. Zero. Been running Mint for almost a year.

*takes a deep breath, and vapes*

If you're not a gamer... consider it. It's friendly. Promise.

 

[Elendil]

That's why I stick with Windows 3.1 supplemented by MS-DOS 6.2. I'm so far off the radar, I may as well not exist to the troublemakers.

Unfortunately I am somewhat limited in my program selection.

 

[Java_Az]

Things like this are why I love Linux.

In the past year or two, Desktop Linux for your average user has finally become a reality. Linux Mint FTW.

If you're just reasonably sensible about it... you can really calm down about viruses. It's so nice.

I won't pretend to understand a large part of what was said. Bits and pieces, but I'm no geek.

I know how to make a good password, I know what not to click, etc.

I was much more cautious when I was running Windows, running Avast, blah blah blah, and I was still clearing out trojans and spyware and crap every couple months.

Now? Nothin'. Nada. Zip. Zero. Been running Mint for almost a year.

*takes a deep breath, and vapes*

If you're not a gamer... consider it. It's friendly. Promise.

You said the L word

Linux is pretty awesome, although you pointed out the one bad thing if your a online gamer it can be a pain, Although most games will run with cedega FPS games with Punk buster don't usually work for playing online.

Here is a link to the lastest linux distros if anyone is interested DistroWatch.com: Put the fun back into computing. Use Linux, BSD.

 

[tornado9015]

That's why I stick with Windows 3.1 supplemented by MS-DOS 6.2. I'm so far off the radar, I may as well not exist to the troublemakers.

Unfortunately I am somewhat limited in my program selection.

Security through obsolescence. LMAO. That certainly is one strategy.

As for mistressnomad, with linux you don't even need to be sensible about it, go to any site, click as many pop-ups as you want. The worst you can get is some bad cookies for your browser, just reinstall that and you are all set. Linux and Mac both have virtually zero viruses programmed for them, and it's for the exact same reason. Neither come close to the popularity of windows, so it isn't very practical to code any spyware/malware, for them.

Macs seem to be gaining a little bit of popularity, so potentially more virus' may start popping up, but I doubt it. Linux still has a long way to go before people start attacking it. Not because it is inferior or vastly superior in safety, simply because nobody thinks it is worthwhile to attack.

 

[Automaton]

tornado - Yeah, I know I could probably be a lot more careless, and now there really is Linux for dummies. But... eh, why be careless when being slightly sensible takes so little effort?

Yeah, I can see how making a virus for Linux would be seen as a waste of time. Not only due to the small user base, but also because, clasically, Linux-users are heavy-duty geeks, and they have computers built like a bank safe. Hopefully no one catches on that dummies like me are now able to use Linux.

If you're a gamer, you could always run a Linux partition for everything but gaming I suppose. Not being a gamer myself, I don't know the best solution.

 

[Java_Az]

Dual booting, cedega and Wine are all ways to cover the gaming part. I half way agree with Tornado, Yes there are not as users on the platform which makes it a less desirable target. But also Linux is not as exploitable as windows. For sure the old windows without UAC. The newer versions are safer With UAC. BSD really beats them all as far a security. If it was easy these virus writers and script kiddies would be writing viruses for mac and Linux. Just to say they did it.

 

[rolygate]

A Linux user into gaming could dual-boot to a partition with XP on it, or a separate hard disk. It's easy to install another HD now and you can boot to it as well with the current SATA disks, you couldn't with ATA disks.

Get a disk image of the partition or disk, using something like Acronis, Macrium, Paragon or Easus (or Seagate Disk Tools etc). Get a basic image with just the OS, then incremental images with the games etc. Just wipe the disk clean if you have any problems, and reinstall the image to get back to square one in 15 minutes. Sorted.

That way you can use Linux (MN) or Windows 3.1 (Elendil), or W2K (me), because it suits you - and use XP for gaming, which it's very good at. And when it gets carpped up, wipe it and reinstall it in minutes.