Thursday, 8 August 2019

SE News 2019-08-08

Just a couple of things. About a month ago I got a report from one of our users that an email they only used for SE has started receiving spam. I've been going through the logs since then and haven't seen anything indicating that we've been hacked, but it's also not impossible. Now SE doesn't store your passwords in plaintext, they're salted and hashed. The only thing they really could have gotten is your email address, browsing data, who owns what socks, etc. (aka, my retirement plan for when I sell out to facebook.) If you use your SE password for any other sites (Which you really shouldn't.) you should still probably change them.

Also, I've been doing a bit of updates on the consequences of low karma for dealing with spams and trolls. So the new karma rules (subject to change as I flesh them out) are that you need greater than -5 points to comment, 15 points to mod, and 30 points to post. Negative Karma regenerates, and 15 and 30 are more than easy enough to attain for someone that takes part in the community, in my opinion. I was also working on a captcha for low karma accounts, but things went south on that. So it's been put on hold for a bit.

Hope y'all are doing well. I'm so freaking hot, I think Florida may be on fire again.
[SFW] [Meta SE] [+10 Informative]
[by steele@6:38pmGMT]


Onix said @ 4:26am GMT on 9th Aug [Score:2 Underrated]
I hope everything works out. Man, I've been here for like 20 years now and I check it every day. Love the place a lot, even if I am not so active anymore.
zenviper said @ 1:01am GMT on 9th Aug [Score:1 Underrated]
Thanks for everything you do Steele. I really appreciate that you kept this community and the slice of the internet that I call home alive.
spazm said @ 7:41pm GMT on 8th Aug
Thanks Steele! Curious to see how the new karma updates will work out, sounds pretty good so far.
steele said @ 7:59pm GMT on 8th Aug [Score:5 Funny]
I received a message informing me that:

Inside of every Progressive is a totalitarian screaming to get out – David Horowitz

So I'm gonna go out on a limb and say it's working reasonably well. Remember to mod, everyone! :D
dolemite said @ 8:40pm GMT on 8th Aug [Score:2 Funsightful]
and inside of David Horowitz is a torrent of bullshit screaming to.....oh, never mind, it's out already.
spazm said @ 8:18pm GMT on 8th Aug
LMAO I guess that’s all sorted then!
rylex said @ 9:57pm GMT on 8th Aug
that email they use for only se, im willing to bet its also used for only pr0n too.
ooo[......7 said @ 10:03pm GMT on 8th Aug
I love that karma idea, keep up the great work!
Hugh E. said @ 12:02am GMT on 9th Aug
SE requires an email?
cb361 said @ 7:47am GMT on 9th Aug
Collaborative web logs get lonely too.
LacheChance said @ 8:49pm GMT on 9th Aug
This site doesn't have a security certificate so the connections aren't encrypted. If the browser isn't sending the password in plain text it's at most sending the hash that the site would require to log someone on (or more likely the session cookie that identifies the user).
steele said @ 9:53pm GMT on 9th Aug
That is correct. On the old site, I used to scrape cookies from other users, i have quite the db somewhere.πŸ˜… So, one of the first things I did when I brought the new site online is tie that session hash to your IP... and everybody on mobile hated it and constantly complained. If I remember correctly SSL has been decryptable for years. Wireshark did it pretty easily last i tried it, a while back. So if someone is sniffing your traffic you're kinda already at their mercy.

Post a comment
[note: if you are replying to a specific comment, then click the reply link on that comment instead]

You must be logged in to comment on posts.

Posts of Import
SE v2 Closed BETA
First Post
Subscriptions and Things

Karma Rankings