Kirik has stockholm syndrome...
Il Duce - Gumball, his life and the life of his friends and family could turn into a potential hell for years and years. Even people who aren't friends with mentaL could find cause for retribution because under a certain code of ethics, he is a good guy and a hero. This site could be ruined, finances ruined, privacy destroyed, any online presence and general havoc would likely be unleashed upon him and mma.tv. That's just how it is.
Ok, maybe I overstated after reading AlmightyCrom, but I get where Kirik is coming from.
Digital destruction is frustrating and such a pain, especially if you aren't technically savvy and you did something to personally piss off a black hat. I made that mistake and it fucking sucked for a while.
Basically in the article he says he was insulted by the offer of $500 well to explain it better
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
In my opinion, it sets an inappropriate precedent to make banning decisions based on a guess that MentaL had good intents and due to fear of his mental instability. That precedent sends a pretty clear message that the TOS are irrelevant and people can do whatever they want as long as they say that they meant no harm and leave an impression that if you disagree with them that they will harm you. It rewards a negative behavior and encourages it to occur again.
FETT_TFK_Tat2tillidie - Basically in the article he says he was insulted by the offer of $500 well to explain it better
Or he was insulted because millions of people's info and millions of dollars could have been taken and guys were getting paid 6 figures a year to keep that info safe and he got in and they said hey go buy a sandwich.
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
Greetings Professor Kirik.
Shall we play a game?
digthisbigcrux - Greetings Professor Kirik.
Shall we play a game?
lol voted up because you made me chuckle with this
The Gumball Kid - I agree and wrote my amendment at about the same time as you. My point being, there's no way of knowing where his network of friends begins and ends. He may not have the means, but that doesn't mean his friends or others don't and won't take them on as retribution.
Il Duce - Gumball, his life and the life of his friends and family could turn into a potential hell for years and years. Even people who aren't friends with mentaL could find cause for retribution because under a certain code of ethics, he is a good guy and a hero. This site could be ruined, finances ruined, privacy destroyed, any online presence and general havoc would likely be unleashed upon him and mma.tv. That's just how it is.
That is a lot of power to give someone that is being labeled unstable at the moment. As for what all he could do is really above my head and I'd have to refer you to AlmightyCrom's post (excellent btw), which sheds some light and what's actually going on from a hacking standpoint.
I got totally ganged up on, and could see if somebody really wanted to, they could extend venom to your friends and family as well.
FETT_TFK_Tat2tillidie - Basically in the article he says he was insulted by the offer of $500 well to explain it better
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
No.
It's more like, imagine you stumbled into an underground vault that had $2,000,000,000 in cash. Instead of looting it or selling its location to someone else, you contacted the owners who initially offered you 20K, but wound up saying "Eh here's five hundred bucks. Thanks, kid."
He discovered a vulnerability that could've completely burned down the operation- an operation that was apparently looking to hire people starting at 150,000 a year. You think the RIAA or various movie studios wouldn't have given a testicle for that information (with about fifty layers of deniability, of course)?
I would have been pissed off too... and he STILL DIDN'T BURN THEM DOWN. He just posted screen shots that he had been in there and that they had been vulnerable.
This isn't a blackhat, folks.
The only 'gray' is that he socked DFW for the lulz, which was indeed lulzy.
Stop the hysterics.
InconsiderateSerra - FETT_TFK_Tat2tillidie - Basically in the article he says he was insulted by the offer of $500 well to explain it better
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
No.
It's more like, imagine you stumbled into an underground vault that had $2,000,000,000 in cash. Instead of looting it or selling its location to someone else, you contacted the owners who initially offered you 20K, but wound up saying "Eh here's five hundred bucks. Thanks, kid."
He discovered a vulnerability that could've completely burned down the operation- an operation that was apparently looking to hire people starting at 150,000 a year. You think the RIAA or various movie studios wouldn't have given a testicle for that information (with about fifty layers of deniability, of course)?
I would have been pissed off too... and he STILL DIDN'T BURN THEM DOWN. He just posted screen shots that he had been in there and that they had been vulnerable.
This isn't a blackhat, folks.
The only 'gray' is that he socked DFW for the lulz, which was indeed lulzy.
Stop the hysterics.
Common sense and rational thinking shall prevail.
.
OutTapped - So if a bum who has no job finds a way into your home and makes a sandwich because the alarm company made a mistake how would you react? Lol I'm sure you'd be super happy ...
FETT_TFK_Tat2tillidie - Basically in the article he says he was insulted by the offer of $500 well to explain it better
Or he was insulted because millions of people's info and millions of dollars could have been taken and guys were getting paid 6 figures a year to keep that info safe and he got in and they said hey go buy a sandwich.
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
sycotik -Let me bang bro - iom apgage 1 sonMcgurgle qwat mio!!!!!!
Perfect!
InconsiderateSerra - FETT_TFK_Tat2tillidie - Basically in the article he says he was insulted by the offer of $500 well to explain it better
I was walking into a club and a guy drops his keys for a Porsche and when I hand him the keys and say hey someone could have just stolen it and he says wow you're right here's $10 and I say fuck you and go hotwire his car and drive around the block park and root thru his glovebox then return it ...
No.
It's more like, imagine you stumbled into an underground vault that had $2,000,000,000 in cash. Instead of looting it or selling its location to someone else, you contacted the owners who initially offered you 20K, but wound up saying "Eh here's five hundred bucks. Thanks, kid."
He discovered a vulnerability that could've completely burned down the operation- an operation that was apparently looking to hire people starting at 150,000 a year. You think the RIAA or various movie studios wouldn't have given a testicle for that information (with about fifty layers of deniability, of course)?
I would have been pissed off too... and he STILL DIDN'T BURN THEM DOWN. He just posted screen shots that he had been in there and that they had been vulnerable.
This isn't a blackhat, folks.
The only 'gray' is that he socked DFW for the lulz, which was indeed lulzy.
Stop the hysterics.
I think if you're going to expose a vulnerability you do it out of good intentions. If they give you some bounty money, all the better. Or if they already specified that they have a bounty policy, great.
But giving them the vuln and then afterwards being disappointed they didn't cough up a bunch of cash to you seems like a bad approach to me.
In any case of vulnerability disclosure where you have not previously been given permission to test their security, they would be within their rights to get you charged under the Computer Fraud & Abuse Act.
As I said earlier, I'm for vuln disclosure and I think sites having a clear policy & offering bounties is a very good thing. Facebook, Google, Microsoft to name some big names all are doing this now. They have specific guidelines about what you can and can't do while testing. The main things you can't do are mess with their data / DB or use other real users' accounts. You register a few dummy accounts and use these for testing and to find vulnerabilities and when you disclose them you show a proof of concept using these dummy accounts, not some random person whose account you breached.
This post covers some of the main points. Don't know this guy from Adam, just one of the top results from Google on disclosure best practices.
http://titanous.com/posts/security-disclosure-policy-best-practices
I agree I don't think MentaL is a blackhat but he went beyond simple disclosure here.
Posts are being deleted? Weak.
The OP conveniently left out that MentaL released more than one member's personal information, and he has all of ours.
So basically MentaL pwned mixedmartialarts.com "like a ninja through a dog door" ?????
Really, that's the imagery we're going with ??????
BRB, got to go close my dog doors. Those damn ninjas.
So MentaL is basically holding a gun to your head and saying I am sorry at the same time. Hackers are such a pathetic group.
The two things that really bothered me about this situation were the lack of notification about the initial breach (which I think has been a learning experience for everyone) and the inconsistency with which users have been treated (primarily the fact that a harmless yet awesome contributor is banned WITH ALL OF HIS CREATED CONTENT DELETED for posting fake quotes from Dana while someone who hacked into the site database and actually posted as Dana got a free shirt and a stern talking to).
If it's actually true that calo is allowed back without BS restrictions I'll definitely be renewing my blue name. Bringing back calo and restoring his original content would go a hell of a long way in my book.
In earlier this time.
So how the fuck do I change my password from the app since your shitty site is pretty much unusable on my phone?