Author

Topic: Account "Woke Up" (Read 1350 times)

legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
April 01, 2017, 06:01:09 AM
#7
The ACCTseller's trust wall is currently showing "This user recently woke up from a long period of inactivity." Not sure how recent an addition this is to BCT.
Hi Timelord2067,

Please do not read any of the posts in this thread prior to posting.

Regards,
It looks like there was a new addition to the security log at roughly March 23, 2017, 12:26:24 AM GMT that alerts people to when someone accesses their account after a long period of inactivity.

I guess this is something I should expect from a Litecoin master.

Can I quote you on that? http://archive.is/fJriK#selection-3035.1-3006.18
hero member
Activity: 532
Merit: 500
no longer selling accounts
April 01, 2017, 01:15:26 AM
#6
The ACCTseller's trust wall is currently showing "This user recently woke up from a long period of inactivity." Not sure how recent an addition this is to BCT.
Hi Timelord2067,

Please do not read any of the posts in this thread prior to posting.

Regards,
It looks like there was a new addition to the security log at roughly March 23, 2017, 12:26:24 AM GMT that alerts people to when someone accesses their account after a long period of inactivity.

I guess this is something I should expect from a Litecoin master.
legendary
Activity: 3696
Merit: 2219
💲🏎️💨🚓
March 31, 2017, 08:06:14 PM
#5
The ACCTseller's trust wall is currently showing "This user recently woke up from a long period of inactivity." Not sure how recent an addition this is to BCT.
legendary
Activity: 1382
Merit: 1122
March 28, 2017, 09:47:24 AM
#4
Another option would be to have OldScammerTag leave negative trust whenever someone meets the above criteria of waking up their account and having not changed their password since the May 2015 hack. This negative rating could be removed after a signed message is provided, or after xxx number of days from when a user disputes the negative rating publicly -- in the later case, the rating could be changed to a neutral.

That honestly seems like a lot of extra work on the admin's side. I highly doubt anything like that will ever be implemented.



I didn't know this happened now so thanks for the thread. Hopefully it should help some people  who are too trusting to realise that they should get some sort of proof that they're dealing with the original owner. Maybe just maybe this will prevent some scams from those ancient hacked accounts.
hero member
Activity: 532
Merit: 500
no longer selling accounts
March 27, 2017, 05:46:56 PM
#3
My main question is, what is the criteria for this to show up?
It shows up if a user has logged in with their last login time being at least 6 months ago.
Thanks.

Hopefully something can be implemented specifically for accounts whose passwords have not been changed since the hack, since they have an almost 100% certainty to be hacked.
staff
Activity: 3458
Merit: 6793
Just writing some code
March 27, 2017, 12:34:41 PM
#2
My main question is, what is the criteria for this to show up?
It shows up if a user has logged in with their last login time being at least 6 months ago.
hero member
Activity: 532
Merit: 500
no longer selling accounts
March 25, 2017, 10:53:40 PM
#1
It looks like there was a new addition to the security log at roughly March 23, 2017, 12:26:24 AM GMT that alerts people to when someone accesses their account after a long period of inactivity. This appears both in the security log and on a user's trust profile (presumably for at least 30 days).

My main question is, what is the criteria for this to show up?

It looks like this will show up, even if you have changed your password since the May 2015 hack. I would point out that it is not entirely unusual for someone to take several months being away from the forum for whatever reason and to come back. With this being said however, it would be more unusual for someone to have not changed their password after the forum was hacked in May 2015 if they had any intention of ever coming back, especially about 22 months after the fact, and especially considering the widespread attention and publicity that this hack got.

As a result of the above, I would propose to display some additional/different warning when an account "wakes up" (as per the above criteria) AND has not changed their password since the May 2015 hack.

At a minimum, this should be a different warning message on a user's trust profile, and different entry in the security log.

I am not sure how difficult this would be to code and implement, however a scrub of all posts made by users who have not yet changed their passwords since the May 2015 hack that contain what could be considered a bitcoin address could be done, and users could be prevented from editing/deleting those posts. If the legitimate owner of an account comes back and wishes to edit/delete one of these posts (and would otherwise be able to do so, eg no hidden scammer tag), they could sign a message from one of the addresses posted -- I don't think admin intervention would be necessary in these cases because users already have access to their accounts, I think it might even be safe to 'unrestrict' these posts by submitting the signature to a specific message requested by an automated form.

Another option would be to have OldScammerTag leave negative trust whenever someone meets the above criteria of waking up their account and having not changed their password since the May 2015 hack. This negative rating could be removed after a signed message is provided, or after xxx number of days from when a user disputes the negative rating publicly -- in the later case, the rating could be changed to a neutral.
Jump to: