LIT and security

[Draco]

Hmmm...interesting indeed.

This post is from my laptop, on a shared internet connection, while logged into LIT on my server as well. So much for security.
I shouldn't be able to even log in, if the security is up to the test.

Hey Manu, you really should do something about it.
No wonder some folks are getting paranoid about getting hacked at LIT.

 

[Draco]

Just to prove a point, this post is done from my Desktop server.

I am logged into my own Draco account, using the same password on both this and my laptop thru a shared internet connection. How can this be? Surley somewhere in LIT the alarm bells would be ringing about a dual-log in.

If I can do it in my own profile, whats to stop me logging in with say SweetCherrys profile, or anyones elses?

Manu..I'd like some feed back on this...

 

[JerseyBoy]

If I can do it in my own profile, whats to stop me logging in with say SweetCherrys profile, or anyones elses?

umm...you don't have their passwords?

 

[Draco]

I have SweetCherry's, with her consent, I've had it for ages.

But, you can see my point.

The security setting should have blocked the second attempt at logging in...really.

 

[SweetCherry]

umm...you don't have their passwords?

Actually, yes he does. And I have his.

 

[SweetCherry]

See, its just that easy.

Hi, this is Draco, logged in under SweetCherrys profile (with her consent)

Told you it could be done.

Now, she is logged in as well, so it's no fluke.

 

[JerseyBoy]

this isnt a pay site so I doubt Manu worries about two people posting with the same account at the same time. If someone were hacking your account it would be unlikely they would be doing it the same moment you were on...

in any case, just remember to clean up your cookies after you play!

now if 100 poeple were all logging on at the same time....I'm sure the server has software to catch such things if he so desired...

Perhaps alarms do go off....but the question is...does it really matter?

 

[Draco]

Ok, heres a little scenario, say I discovered your password, logged in as Jerseyboy, and abused everyone and broke every house rule in Laurels book, and you got banned because of my actions, wouldn't you jump up and down about the lack of security and the un-fairness of it all.

Just making a point, over the last few weeks there have been a lot of discussions about LIT being hacked etc...just needed to make these points.

WE ARE NOT SECURE.

 

[SINthysist]

We are REALLY not secure...

 

[JerseyBoy]

I'm sure laurel would see such a 'hacking' and un-ban me and perhaps even post a 'sticky'...and then berate me for giving out my password

You say 'discovered' my password. I guess you could also discover my password to my back account too. I'd be much more worried about that.

Nothing is secure if someone can get your password.

So we all must remember to NOT/NEVER open attachements (jpg's are safe so far) from unknowns and even be wary of friends emails.

I guess it all depends on how you got my password...like hacking LIT to get it.

 

[Draco]

Now, those that know me would know I would never do this anyway. BUT.....it happened by almost accident...I was surfing LIT on my server, while working on the laptop. The laptop's homepage is set for LIT, and last time I surfed on it, I never cleared the cookies. So, it logged me in automatically. I saw something and responded, without really thinking of which computer I was using. The post went thru automatically, then I stopped and thought...."Hang on a minute, this shouldn not have happened. Isn't that why we have passwords? For security."

Whats to stop some un-scrupulous deviant from cracking a few passwords, logging into those accounts and slamming people left, right and centre?

Obviously NOTHING.

 

[SINthysist]

We are REALLY not secure...

There's enough of us here to start a REDWAVE!

 

[Draco]

Oh yeah..BTW Jersey...I tried your bank account...it was empty....LOL





















I'm kidding...I have no interest in cracking, hacking into anyones account, be it here at LIT, or their bank. I'd rather do a "Swordfish" into the Federal Reserve...mucho moola......

 

[Draco]

There's enough of us here to start a REDWAVE!

1




2





3



REDWAVE........

 

[SINthysist]

So, having no other skills, I re-embark on my former career...

 

[Draco]

So, having no other skills, I re-embark on my former career...

Let me guess, topless banana dancer....?

 

[JerseyBoy]

Oh yeah..BTW Jersey...I tried your bank account...it was empty....LOL...

hehe...I coulda told you that!

but yeah, if someone can get into the pentagon they can get into here. And don't think people havent tried. Everyone hates that prick Hanns but i think he knows alot about hacking and that shit but i havent seen him hack anyones.

i always post from home so i dont worry bout my cookies. I would be a bit freaked about using a public computer

 

[Draco]

I always post from home so i dont worry bout my cookies. I would be a bit freaked about using a public computer

Actually, I'd be more concerned about the home computer. Now, I dont know your home situation, but I know a lot of members partners would be rather annoyed if they found out their partner/spouse etc was surfing an Erotic Discussion board.

Leaving your password on a public access computer wouldn't worry me, coz it would only ever be my yahoo mail and possibly my LIT password. I would never check my bank account or something vital like that from one.

I have been employed at times by corporations who want searches done of their computers for illegal emails, and in-appropiate surfing during work hours. The results have often astounded me, some people dont even know how to remove their history tracks. Cookies are left, the URL cache, (showing all the URLs that have been opened in the entire history of that installation are all there. Temporary internet files, its all there for anyone to check.

Some of the software we employ can even detect debris off a "Formatted" hard-disk. Just goes to show, even tho you think you cover your tracks, you cant.

 

[Draco]

I'm not paranoid, but is that guy in front, following me....?

WE ARE NOT SECURE.......

And all your base now belong to us....

 

[sexy-girl]

its not really up to laurel or manu its the UBB software that this board uses

if you're worried about it you can disable lit using cookies



for me its quite helpful because i use lit from a few different home computers


it does have a few background security features built into it though such as you can trace how many different IP's have been used for a user

 

[The Foto Fiend]

Webcam bliss!

This guy is a regular user on Literotica. My sister has an account here and this guy emails her all the time. He got beaten up by his younger brother the other week and sent my sister this photo.

My mates and I sent it to a site and it got in the top 10 list.

I can't remember his name exactly. I think it was Mills or Miles.
Something like that. Do any of you know him?

 

[ma_guy]

I wonder what would happen if you tried logging in under the same account from 2 totaly seperate locations. Security, such as it is, may be tied to user acount and IP addy and if you have a shared connection the server may be seeing your router IP so both machines would be seen as using the same IP addy.


??? Only Manu knows for sure I suppose..

 

[Draco]

No router used. A shared internet connection thru Win 2000 and dial up. Not using any masking software, no IP blockers or anything like that.

 

[Draco]

I'm gonna try that tomorrow with my flatmates PC , we have dual phone lines here. so it's just a matter of draping a cable from one room to another, then dialing in on both machines and logging into LIT...I'll keep you posted on if it works or not....

 

[Orlanth]

We've all be marked for Termination!

Hide from model T1-130-Haxor!!!


Really, Draco is right. something needs to be done.