- FightingRaven531
- |
- Exalted Mythic Member
- gamertag: [none]
- user homepage:
Posted by: mr poopoo232
its like a large force of win going through fusion, thus creating a chain reaction of a huge asplosion of win destroying any fail within its awesomeness.
Posted by: m00zor campycow
Actually, a brute force attack is not the first method one would approach when trying to hack a website such a Bungie.net. It's a well-known fact that Passport is exposed to cookie attacks. What this means is that for older IE users, you are volnurable to an attemp to either take your unencrypted cookie files, or for someone to intercept them while they are being sent to Passport.
What does this mean? It means that with the guides available on the internet, one could probably hack Bungie.net within the hour. I was warned about this recently, and I have Firefox set to clear cookies whenever I exit a session. It is likely that this flaw was how MBT was exploited recently for no traceable reason, and I recommend you protect against it.
Yes I read this, and no I won't provide you with the article. This is merely informative, not instructive. lol
Yes, I am the one that brought up this article. Like m00z said, he won't provide you with an article. But I'll provide you a snippit on prevention from this article.
If you are a user of Microsoft Passport, it is recommended that you browse with great care. Do not ever check the box when logging into Passport that reads Sign me in automatically on this computer. This creates the MSPSec cookie documented above that is used to automatically log you in without having to reenter your password at participating sites. When this cookie is compromised, it represents the greatest danger to your account.
It is also recommended that you only log into Passport before browsing sites that require Passport and log out immediately after your visit. Logging out essentially destroys the majority of your cookies, so that they cannot be compromised by further browsing.
Most importantly, I recommend that you do not use a browser with the vulnerability I have described. If you are using a vulnerable browser, Microsoft Internet Explorer (all versions prior to 5.5), and wish to continue using it, there is a patch available to repair this bug located at http://www.microsoft.com/technet/security/bulletin/ms00-0 33.asp.
[Edited on 6/10/2006]