Login history/man-in-the-middle | Bitcointalksearch.org

sdp

sr. member

Activity: 469

Merit: 281

Quote from: smeagol on December 01, 2013, 08:53:00 PM

Hello

Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.

Thanks

edit: For me the forum was down for most of the day, so this post is my first login today.

See your browser's history.

smeagol

legendary

Activity: 1008

Merit: 1005

Quote from: jackjack on December 02, 2013, 04:25:45 PM

It should be ok
Check the fingerprint to be sure

Whew, thanks

Quote from: Raize on December 02, 2013, 04:38:31 PM

I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. Undecided

Haha. http://en.wikipedia.org/wiki/Tinfoil_Hat_Linux

Raize

donator

Activity: 1419

Merit: 1015

I was presented on one trusted computer where I had a cookie stored with a form to relogin the night of November 17th. At the time I thought maybe it was just myself that was a target of some clandestine state-sponsored attempt to soil my reputation or scam users. Now with this latest development, I'm even more paranoid now than I was then. Undecided

theymos

administrator

Activity: 5222

Merit: 13032

Quote from: smeagol on December 02, 2013, 03:26:03 PM

I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right?

No. http://109.201.133.195/ is just a redirection. https://109.201.133.195/ will get you the site, but you'll get a certificate error, and I don't think that the site works properly if you use a non-standard "domain".

jackjack

legendary

Activity: 1176

Merit: 1280

May Bitcoin be touched by his Noodly Appendage

Quote from: smeagol on December 02, 2013, 03:26:03 PM

Quote from: CIYAM on December 02, 2013, 03:34:25 AM

Quote from: Rannasha on December 02, 2013, 03:03:18 AM

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).

I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right?

It should be ok
Check the fingerprint to be sure

smeagol

legendary

Activity: 1008

Merit: 1005

Quote from: CIYAM on December 02, 2013, 03:34:25 AM

Quote from: Rannasha on December 02, 2013, 03:03:18 AM

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).

I typed 109.201.133.195 into my url bar and pressed enter, it goes to bitcointalk and has the https with the green lock. It's safe then, right?

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Quote from: Rannasha on December 02, 2013, 03:03:18 AM

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Yup - from where I am connecting through I see 109.201.133.195 (from where I am actually located I see 108.162.196.161) so I think I am fine (did also check the SSL cert fingerprint matched the one that theymos signed).

Rannasha

hero member

Activity: 728

Merit: 500

Quote from: CIYAM on December 01, 2013, 11:24:34 PM

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).

Updated DNS records may need time to properly propagate, so it's possible that there are still people out there being served the phishing site.

Check the IP that bitcointalk.org resolves to and the SHA fingerprint of the SSL-certificate and compare them with values posted by theymos to ensure that you're on the correct website before logging in.

Mylon

full member

Activity: 140

Merit: 100

Mining FTW

Quote from: CIYAM on December 01, 2013, 11:24:34 PM

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).

Quote from: CIYAM on December 01, 2013, 11:40:12 PM

It's Dec 2 6am here, so most likely that was the time of writing in his/her local time.

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.

There was confusion about the end time, (yes the end time is in the future, you should not login until then)

extortion

full member

Activity: 141

Merit: 100

even if our password is password?

extortion

full member

Activity: 141

Merit: 100

Quote from: CIYAM on December 01, 2013, 11:40:12 PM

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.

LoL

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC (this is in the future -- do not login until then)

Wow - I am communicating with someone from the future!

As I have checked and verified the certificate's fingerprint then I am assuming that I am okay.

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Code:

If you used your password to login between 06:00 Dec 1 UTC and 20:00 Dec 2 UTC,

Was this written from someone in the future?

It is currently 04:24 Dec 2 UTC (if it was meant to say 20:00 Dec 1 UTC then luckily I was getting CloudFlare errors that whole time).

extortion

full member

Activity: 141

Merit: 100

i tried to tell theymos a week or two ago i thought the security of the site had been compromised again. of course, i was speaking to a brickwall the entire time.

EDIT: btw, its me r3wt. i refuse to login under my normal username for the time being,

gmaxwell

staff

Activity: 4242

Merit: 8672

Quote from: smeagol on December 01, 2013, 08:53:00 PM

Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.

unfortunately the forum can't know. E.g. you could have attempted to log in, it could have been intercepted by the attacker, and then the account could have just appeared down for you.

smeagol

legendary

Activity: 1008

Merit: 1005

Hello

Is there a way where I can see if I logged in during the times affected by the attack? I use multiple browsers, some have remember me and others don't, so I'm not sure if I was affected.

Thanks

edit: For me the forum was down for most of the day, so this post is my first login today.

Topic: Login history/man-in-the-middle (Read 1320 times)