MyIS vs GameWizard - Conspiracy or Storm in a teacup?

[BlakeJr]

I suppose a lot of you guys are registered over at TBF2 as well.
Did you get THE Email?
Well, here's part of the explanation : http://www.totalbf2.com/forums/showt...1&goto=newpost

I got the mail this morning and thought, wow, another "merger". Then I checked the RSS feed from TBF2 and my whole world blew apart!

Well, not really, I DID get interrested in what happened though and why.
According to the MyIS staff we will get more info "soon"

What do you think?
Storm in a teacup, hen of a feather, sandbox politics or is there a serious issue behind the scenes that we don't know about?

Comments?

[Eden]

I'm not sure what I should be more worried about, the fact that Gamewizzard stole my account information or the fact that people arnt even asking him why he broke the law.

To tell you the truth I would have loved for him to start a new community but the fact they he broke our trust by stealing our account information (passwords included) makes me wonder if I can ever trust him, if he did it once what's to stop him giving our information to other people.

He was fired from MyIS for internal reasons, MyIS wanted to keep it at that, being a member of the Sir. Community I know exactly what there going through at the moment except they have to go through it on a massive scale, in all honesty I hope Gamewizard receives the full brunt of the law for what he has done, if he had gone about it any other way I would have given him my support for his new site.

[BlakeJr]

I was thinking very much the same as you Eden.
The question about the passwords is; how secure are these hashed whatever where the PWs are stored?

Let's hope things get cleared quickly and that the promised info is not another puff of smoke.

[[R-DEV]KingofCamelot]

Heh, read a little before I got bored. I'm fairly neutral on this since we don't know the whole story, but MyIS is definately using pure scare tactics on the stolen passwords claim. They have no knowledge that he has installed any such code to steal logins as they mention, and without proof that he has done so, their own argument can be used against them. How do we know THEY aren't stealing our login info? Empty claims of what someone could do are idiotic.

[Eden]

Quote:

Originally Posted by BlakeJr

I was thinking very much the same as you Eden.
The question about the passwords is; how secure are these hashed whatever where the PWs are stored?

Let's hope things get cleared quickly and that the promised info is not another puff of smoke.

Hashing is the most standard way of securing passwords on a server (as has been explained on TBF2). most servers use md5 hashing and a few servers use SHA1 hashing however hashing is not perfect, you can with the right tools retrieve the unhashed information from a hashed string. md5 is the least secure and therefore the easiest to break SHA1 is a lot more secure however again still breakable, there is also SHA256 and a number of other methods to hash information for example you can use a combination of hashing algorithms and there tend to be the most secure however very few servers will use those methods as they use up significantly more processing power than its less secure counterparts. But no hashing not even the most heavy hashing algorithms are fully bullet proof and in the end it comes down to the user, if you have a decent password (random numbers and letters) and do not use it for everything then you have nothing to worry about.

Quote:

Heh, read a little before I got bored. I'm fairly neutral on this since we don't know the whole story, but MyIS is definately using pure scare tactics on the stolen passwords claim. They have no knowledge that he has installed any such code to steal logins as they mention, and without proof that he has done so, their own argument can be used against them. How do we know THEY aren't stealing our login info? Empty claims of what someone could do are idiotic.

Your right, they do not know if Gamewizzard has unhashed passwords you just proved that people should be worried about what he may do with that information, the fact that he stole database information should be enough, it should send an alarm off in your brain "DO NOT TRUST THIS PERSON", it amazes me the ignorance of people on the internet (not you btw, i'm talking about everyone at TBF) you wouldn't be so relaxed about it if this was someone stealing your address, credit card info from your bin or stealing database information from a government server with your entire life on record.

stealing your email and password (which tends to be the same password for your email account) is the first step to stealing your identity.

[[R-DEV]KingofCamelot]

Well, personally I am not worried about this. However, my password for that site is the same as my e-mail password, and even this site's password.

The reason I'm not worried about my password is because as far as I know GameWizard has no motive to steal anyone's password. Despite MyIS's use of the word "steal", from what I can gather he didn't recently steal the account infos.

The way I understand the situation is that GameWizard acquired the account info from a previous backup of the site that he made when he had full access rights, as well backups should be made periodically. The reason I think its a backup is they said its an old list, and they also said there is no security hole, but that he got the login info because he used to have full access.

From there it would seem he just migrated the account info into his new site's database. Yes, I believe the movement of the account info violated the user's trust, but in all honesty, he is in no more situation to steal your info now than he was a few months ago. When GameWizard still ran the site he could have stolen your password if he wanted to, but he didn't.

So, now that he was fired by MyIS, what motive does he have to steal OUR passwords? I can understand him being angry at MyIS, but why would he lash out at the community he helped create, that did nothing to hurt him?

Like I said, I don't see a motive for stealing password now versuses several months ago, when he had access to the account info both times. Maybe I'm just being too trusting.

[Eden]

I would agree with you that it is unlikely he will use account info for illegal purposes but this is someone who originally sold his site and then got angry when he was told he would no longer have his position at tbf2 I just simply cant trust him enough to believe that he wouldn't sell user information given the chance. In his own words "money is money".

[[R-DEV]KingofCamelot]

Have you, by chance visited the new site, that the e-mail in question directed users to?

I read over GameWizard's message on that site, and, if everything he says is true (I see no reason to believe MyIS over him or vice versa) then he never actually sold TBF2.com. His claim is that he was and still is a minor (17) and only his legal gaurdians can sign a legally binding contract. He also says his gaurdians never signed such a contract so he still has the legal rights to TBF2.com.

If thats true, than thats a whole different ball-game, and he should have brought legal action against MyIS instead of forming a new community. I guess only time will tell with this one.

[Eden]

Yes ive visited the new site and hes done a good job. however as for his clam on the rights to Totalbf2.com ill wait for more information but if you want to check, if the site was legally his why did he go and hand over full rights of the domain to MyIS?

If he never sold the site he wouldn't have handed over the domain would he? I know I wouldn't.

[Wolfmaster]

Interesting...

Just from the way MyIS is acting on this, I'm inclined to beleive what GameWizard says... Of course, he shouldn't have done what he did, but it seems understandable. If this were a poll, I'd vote conspiracy.

I think the lawyers just need to figure out wether or not there was a contract , signed by people who were entitled to do so...

Btw, the thread at TotalBF2 is now locked...