Diasfora

Site Related => Announcements => Topic started by: indie180 on September 22, 2009, 05:15:46 AM

Title: Photobucket
Post by: indie180 on September 22, 2009, 05:15:46 AM: Photobucket is not the most secure site in the world.

User's should be aware that if you just close down the window without logging out, it is very easy for any one to view your account. So always log out.
Title: Re: Photobucket
Post by: chekovsulu on September 22, 2009, 08:10:42 AM: Well that's annoying! >:(
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 08:25:05 AM: More information? Allows for phished session's or some thing else?
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 08:42:23 AM: If you posted a pic anywhere, this one is from the Authors game.

(http://i266.photobucket.com/albums/ii280/indie_180/1501.jpg)

Right click>Properties>copy up to the last / at the users name and you should be able to get in to my account.

I only use PB for playing games and nothing personal.
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 08:56:15 AM: When say X account logins in, it goes by the string (username), in the url. Rather than authenticating with cookie or session?
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:08:58 AM: Did you try to get into my account.

It was set to private, but I just found a bit 'Block All Users' in account options.

I have Blocked All Users, but I can still get in. I need someone else to try.
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 09:11:05 AM: Yes. It took me to the login screen.
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:13:14 AM: I've unblock it and if you could try again.
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 09:17:56 AM: Takes me to the login screen :D. Created the below account.

(http://i661.photobucket.com/albums/uu338/S0xX0r/2yy5is7.jpg)

Code: [Select]
http://i661.photobucket.com/albums/uu338/S0xX0r/
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:23:16 AM: Just been in it.

(http://i266.photobucket.com/albums/ii280/indie_180/1503.jpg)

Go to account options and block all users and I'll try again
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 09:25:18 AM: Done. >_> it states login, top right hand corner and join now on the menu bar ;).
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:42:09 AM: Try setting the account to private, I can get into user's but you can't get into mine. ???

(http://i266.photobucket.com/albums/ii280/indie_180/1504.jpg)
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 09:43:55 AM: Set it to private.
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:51:58 AM: If you set your account to Private you can't get in using that method.

Thanks for your help Diabolico.

(http://i266.photobucket.com/albums/ii280/indie_180/1505.jpg)
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 09:57:50 AM: I have change mine to Public, try it now.
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 10:11:47 AM: (http://i33.tinypic.com/2ugggv5.jpg)

(http://i33.tinypic.com/2ebztza.jpg)

Originally thought you meant haxX0r account that way, that it would enable you change account details etc :-\.
Title: Re: Photobucket
Post by: indie180 on September 22, 2009, 10:19:16 AM: I wasn't sure if you could or not, it was hard to say when I was playing around with my own account. :-\

If Photobucket users make sure their accounts are set to Private, if they aren't already.
Title: Re: Photobucket
Post by: Diabolico on September 22, 2009, 10:45:32 AM: Any website that either doesn't encrypt passwords, or secures the strings, are hackable. Limiting the query for retrieving the user account details, on login, is important. As only one account should be retrieved. As it could be possible to dump the Db, if either the username or password string aren't secured (by using a MySql type command).

The check form was submitted, is to check the details were entered through the form and not the address bar.

Code: [Select]
if(isset(submit)) { // form submitted }
Encryption is important, with the expectation of double hashing. As if the strings are collided, it might be possible to remove both layers of encryption (if that's the right way of putting it).

Thou the user has an important part to play. As passwords with characters (*[]() etc) should be used, so the possibility of causing a collision is smaller. That with exotic forms of encryption, altering the password string with simple things like reversing the string, changing it to binary, adding characters to it and salting it, add a further layer of protection.

Thou probably the most overlooked part is the users email address, if you gain access to that, you gain access to what ever accounts that email was used to register with.

//Rant over
Title: Re: Photobucket
Post by: laama on September 22, 2009, 03:55:51 PM: Quote from: indie180 on September 22, 2009, 05:15:46 AM
Photobucket is not the most secure site in the world.

User's should be aware that if you just close down the window without logging out, it is very easy for any one to view your account. So always log out.
I noticed that too and I always log out and close tab after I quit there.

I set my account immediately private I was join there.
Title: Re: Photobucket
Post by: mishca09 on September 22, 2009, 06:29:16 PM: i used to do this a lot, when i was HS. i thought photobucket had fixed the problem.
Title: Re: Photobucket
Post by: hmed2390 on September 28, 2009, 12:44:57 PM: I use imageshack. They've been fine for the past 2 years.

Photobucket sounds awful. :-\
Title: Re: Photobucket
Post by: indie180 on September 28, 2009, 12:51:09 PM: Quote from: hmed2390 on September 28, 2009, 12:44:57 PM
I use imageshack. They've been fine for the past 2 years.

Photobucket sounds awful. :-\

I have tried to get into imageshack, no joy, but that's good. ;D

I still use PB and don't log out. :D

I like PB, but only use it for the Fora Games.
Title: Re: Photobucket
Post by: hmed2390 on September 28, 2009, 12:53:26 PM: haha, i see. :)

Imageshack us awesome for my spamming needs on the forum. ;D :D
Title: Photobucket
Post by: Geemonster on October 15, 2009, 02:06:16 PM: There seem to be lots of images deleted by Photobucket here ???
Title: Re: Photobucket
Post by: dweez on October 15, 2009, 02:11:44 PM: Well, anything that gets reported to them as being risque is removed (just like most image hosting sites). Also, a lot of us tend to delete off the images after their usefulness has expired. I mean, it does not good to keep an image from page 2 of the "Name that Movie" thread when we're on page 94.
Title: Re: Photobucket
Post by: ohcheap1 on October 15, 2009, 02:22:55 PM: ^^ Yeah baby!! Thats what Im talkin bout!! I have to have things in a certain order so I delete stuff that Im not using all the time. Sadly, some do not understand my obsession.... :-[
Title: Re: Photobucket
Post by: Geemonster on October 15, 2009, 02:34:00 PM: Now i know,i understand. :-*
Title: Re: Photobucket
Post by: laama on October 15, 2009, 03:38:23 PM: PhotoBucket sucks.
Title: Re: Photobucket
Post by: smokester on October 15, 2009, 04:16:43 PM: Quote from: dweez on October 15, 2009, 02:11:44 PM
I mean, it does not good to keep an image from page 2 of the "Name that Movie" thread when we're on page 94.

Yeah that would just bump up the bill and waste that valuable 30kb of the 500mb allowance.. Keep that up for the next 17 years and one might just go over the limit ::)
Title: Re: Photobucket
Post by: hmed2390 on October 15, 2009, 04:21:02 PM: Quote from: laama on October 15, 2009, 03:38:23 PM
PhotoBucket sucks.

nice insert there laama. :D

Quote from: smokester on October 15, 2009, 04:16:43 PM
Yeah that would just bump up the bill and waste that valuable 30kb of the 500mb allowance.. Keep that up for the next 17 years and one might just go over the limit ::)

:D

17 years is an awfully long time smokes. :D

And let's not forget the legal issues that the AlJazeera issue is bringing about for the forum. ;)
Title: Re: Photobucket
Post by: smokester on October 15, 2009, 04:35:20 PM: Quote from: hmed2390 on October 15, 2009, 04:21:02 PM
nice insert there laama. :D

:D

17 years is an awfully long time smokes. :D

And let's not forget the legal issues that the AlJazeera issue is bringing about for the forum. ;)

I'm not sure why, but everytime you mention Al Jazeera I think of beer.. no wait.. everytime someone posts anything I think of beer.
Title: Re: Photobucket
Post by: hmed2390 on October 15, 2009, 05:54:56 PM: :D

Your mind is linked to kegs. That's the only logical explanation. 8)
Title: Re: Photobucket
Post by: Geemonster on October 16, 2009, 05:37:55 AM: Quote from: laama on October 15, 2009, 03:38:23 PM
PhotoBucket sucks.

Goddamn right it does!
I use the demons den image host,i think i still have an imageshack account too.
Title: Re: Photobucket
Post by: hmed2390 on October 16, 2009, 11:23:15 AM: Every one disses imageshack whenever I bring it up :D

I've been using it since 08' and they've been pretty decent so far. I even got in touch woth them on several occasions becasue of technical

issues I was facing, and they responded in under 24 hours, resolved the issue, and even accomodated for the hassle I had to put up with.

Geez people, how mean can they be? :P :)
Title: Re: Photobucket
Post by: Geemonster on October 17, 2009, 01:47:18 AM: I had this image,a mod can delete it if applicable
Anyway my album was private,i had this on it for about 2 years,so i suppose a new person,probably a PC woman took over and deleted my account. ::)
Photobucket sucks ass.

No mod needed to delete it, Admin did it instead..
Title: Re: Photobucket
Post by: hmed2390 on October 18, 2009, 05:09:58 PM: ^was it chauvinist? :-\
Title: Re: Photobucket
Post by: Geemonster on October 18, 2009, 10:18:50 PM: It was a silhouette i'll PM it to you hmed.
Title: Re: Photobucket
Post by: Robin-Graves on October 19, 2009, 10:26:39 AM: Woohooo! PM it to me too!!!!!Please?
Title: Re: Photobucket
Post by: laama on October 19, 2009, 05:40:14 PM: Quote from: Robin-Graves on October 19, 2009, 10:26:39 AM
Woohooo! PM it to me too!!!!!Please?
+1
Title: Re: Photobucket
Post by: hmed2390 on October 19, 2009, 05:41:21 PM: LOL
Title: Re: Photobucket
Post by: laama on October 19, 2009, 06:05:57 PM: Quote from: hmed2390 on October 19, 2009, 05:41:21 PM
LOL
How's it feel to be necessary? ;)
Title: Re: Photobucket
Post by: hmed2390 on October 19, 2009, 06:09:59 PM: huh? :P
Title: Re: Photobucket
Post by: laama on October 19, 2009, 06:10:35 PM: Quote from: hmed2390 on October 19, 2009, 06:09:59 PM
huh? :P
:P
Title: Re: Photobucket
Post by: hmed2390 on October 19, 2009, 06:11:37 PM: Don;t mind me, I'm loopy. :)