- This topic is empty.
-
AuthorPosts
-
April 1, 2008 at 8:24 pm #764770
Anonymous
InactiveHave emailed michael for you
April 2, 2008 at 6:26 am #764786Anonymous
Inactive@alexpratt 158489 wrote:
Have emailed michael for you
Nice, i hope his not too busy collecting data about us, since everytime he
adds a new portal to his system, he seems to leak an access to his crappy coldfusion system.I can just imagine what some script kid on the haxor land could do with the info available there.
All i can say is that, when i was looking “what the hell is this” i noticed he had some private info about me and all of the people in cap and gpwa that he is not supposed to have, or did i ever agreed him to collect. Now he is leaking all this info to everywhere and it makes me pretty mad.
Hope he contacts me soon, so he can fix his system.
Take Care
April 2, 2008 at 12:31 pm #764796Anonymous
InactiveStill no contact. Data still leaking. Direct access to everyone. If you can, please have the owner of casinocity.com contact me asap, to fix this SERIOUS security issue.
Why am i asking you guys to help me to help him? Because i cant find his direct contact info, and i dont want to wait months for him to get back at me or possibly be blocked by some spam filters. This is also his issue and im just trying to be a nice guy here and point it out before some script kiddie comes and steals all his data, changes his affiliate links, destroys every account in gpwa and so on.
April 2, 2008 at 2:45 pm #764804
QwzjMasterMemberPlease contact [email protected] via email as soon as possible with information about the security hole(s) you have uncovered. Michael is out of town and unable to respond.
Steve
April 2, 2008 at 2:52 pm #764806Anonymous
InactiveWow. Doesn’t make me too happy. I wonder what data they are storing on me?? Better not be anything personal.
April 2, 2008 at 3:10 pm #764809Anonymous
Inactive@snowshoeblue 158541 wrote:
Please contact [email protected] via email as soon as possible with information about the security hole(s) you have uncovered. Michael is out of town and unable to respond.
Steve
Just like i needed to confirm my website to gpwa.org(which didnt work if i remember right), i need some sort of confirmation that [email protected] is indeed qualified by the owner of the casinocity.com to receive this type of sensitive information.
Perhaps *Michael* has an emergency access to a laptop or whatsoever to save his gazillion dollar business and is able to confirm i can give this info to you, if not then, im sorry, no bonus!
And no, im not trying to be annoying, it’s just that the information is very sensitive, so i don’t want it to go to the wrong hands.
Thanks.
April 2, 2008 at 3:12 pm #764810Anonymous
Inactiveso what kind of information does he have on affs in his little backend?
April 2, 2008 at 3:26 pm #764813Anonymous
Inactive@Goldfinger 158547 wrote:
so what kind of information does he have on affs in his little backend?
I know it would be nice for you to know, but i think i cant release any of this information, even though the entry is not unauthorized since there is no authorization in the first place.
What i can say is that the backend is not little in any form. I think it covers pretty much all the data from all of his sites + some extra, but im not going release anything to the public nor look into it any further since im already quite sure that it’s not supposed to viewed by me, even though theres no authorization.
April 2, 2008 at 3:46 pm #764818Anonymous
InactiveRCeo,
You will see that I sent you a pm in reply to your pm to me confirming that Steve is the correct person to track down the issue that you have observed.
I do take security issues very seriously, and we will rapidly fix whatever vulnerabilities currently exist.
The reason for the delay in my responding is that I was on a plane flight to CAC in Amsterdam at the time of your original contact attempt. As soon as I saw there seemed to be an issue I asked someone I thought could fix it to contact you.
Michael
April 2, 2008 at 3:47 pm #764819Anonymous
InactiveOk people. At this moment i think i got their attention and hopefully we can solve this problem, so all the data will be in safe.
Im waiting for Michael to confirm i can release the info to his co-workers and let them deal with it.
Im hoping to see some sitewide links from gpwa.org and casinocity.com to my crappy site..joking! naw.. for real!
April 2, 2008 at 3:49 pm #764820Anonymous
Inactive@Casino City 158556 wrote:
Rceo,
You will see that I sent you a pm in reply to your pm to me confirming that Steve is the correct person to track down the issue that you have observed.
I do take security issues very seriously, and we will rapidly fix whatever vulnerabilities currently exist.
The reason for the delay in my responding is that I was on a plane flight to CAC in Amsterdam at the time of your original contact attempt. As soon as I saw there seemed to be an issue I asked someone I thought could fix it to contact you.
Michael
Ah, My bad i didnt notice. Ok, im going to send him the info now.
April 2, 2008 at 9:42 pm #764856Anonymous
InactiveI thought I should post that there is no longer any security vulnerability – it was corrected earlier today within minutes of our identifying the nature of the issue.
I also want to clarify that the information about affiliates and their portal sites that we have is information that is appropriate and reasonable for us to have. RCeo did not realized the company that runs Casino City also operates the GPWA website, so he thought GPWA information had been misappropriated by Casino City, which was not the case at all.
The sort of information we have is information that associates portal sites with individuals based on their forum screen name (as is published and generally accessible on the GPWA.org portal website directory). The only personal information we have is profile information used in the forums (such as birthdate if provided to the forum software) and mailing address information for affiliates that have requested to be on our physical mailing list.
Michael
-
AuthorPosts