What is Digg?44 Comments
- wageslaven, on 10/12/2007, -12/+43hey nitwit, this is a case of a single person shoulder-surfing a buddy.
not -- inspite of what the apple/nintendo-anti-MS/Xbox fanboys here on this website care to promote.
In fact, MS did say they were investigating. And gave the results. yet some misinformed rumour bullshiat made it to the frontpage. Go read what Major Neilson said.
"a few isolated incidents where malicious users have been attempting to draw personal information from unsuspecting users and use it to gain access to their LIVE account. This is a good time to remind our members that they should never give out any of their personal information."
Total 100% unadulterated anti-MS fud. - chris9902, on 10/12/2007, -7/+28he didn't write the story dumbass.
- TonyCubed, on 10/12/2007, -4/+22Sorry, but it's very easy to get access to someones Xbox Live account if it's linked to the Windows Live ID (Ie. Windows Live Mail/Hotmail/MSN etc).
- Phishing.
- Trojan/Keylogger.
- Stupid Passwords.
- People giving away their passwords.
- Secret question answer stupidly obvious.
Unfortunately, Microsoft cannot protect people who are ignorant and don't protect themselves properly. - Nougat, on 10/12/2007, -4/+17I just love how people are all afraid of "hackers." For the most part, there are no hackers. There are con artists, using technological tools in their cons. I suppose it makes people feel better if they can claim to have been "hacked," because that connotation relieves them of any responsibility in the incident. "I was just sitting around minding my own business, and suddenly my ***** was all ***** up! I was hacked!" Never mind that "anna_k_naked.jpg .exe" file that you ran, or the personal information you gave out to someone claiming to be your bank.
- humanrobot, on 10/12/2007, -3/+15the intertubes are a dangerous thing.
- TheThirdWheel, on 10/12/2007, -7/+17Something definitely smells phishy. There were some obvious defacements on the Bungie.net site "Im In yur Gamertags steelin yur acheevmentz". I'm sure someone "hacked" the new site and defaced it, and these defacements started the rumors of stolen accounts. Even if you gained access to the Bungie site the Live logins are not stored there and are verified through the live.login site.
Basically Bungie got "hacked" and Live/Microsoft didn't. I could be proven wrong but why would a Microsoft spokesperson say their security was not compromised when it would be very easy for a compromised account/customer to prove it was. - MeekelUK, on 10/12/2007, -1/+11Well sorry if we don't want our credit cards stolen
- AJH16, on 10/12/2007, -0/+7There are "hackers", but the chances that you will ever fall victim to one are pretty small unless you have something that they want. (And a couple of XBox Live accounts probably wouldn't be worth the effort.)
- chris9902, on 10/12/2007, -2/+8"how do people's accounts get hacked w/out the passport service being hacked?"
My username is: _____ My password is: _____
If somebody is stupid enough to answer then that's how you get the details. Not buy "hacking" (a term misused so often it's lost all meaning) Into Microsoft. - Skas, on 10/12/2007, -2/+6@unrealmp3:
glad to see you don't know what you're talking about. - goonbaggins, on 10/12/2007, -5/+9Maybe XBL hasn't been "hacked" persay, but users accounts are being stolen. Many of the top Halo 2 pros on MLG have had their gamertags stolen by punk kids who think it's cool to have a pro's name.
How it happens is someone calls Microsoft support, complains that they've forgotten some bit of personal information that they used when they signed up (say address, phone #, or even credit card number) and they need it to transfer the account over to their 360. If the customer service rep won't give them something, they'll just call back until they get a rep that will give it to them. They repeat this, trying for one part of information each time until they have everything they need. I can't confirm that this method is true, but it's what I've read. - TheRealM3D, on 10/12/2007, -3/+6The problem lies with Microsoft's customer service department. ALL you need to know is the account name to get them to start giving you information over the phone if you use a little social manipulation. You talk to the MS customer service rep and convince them you've forgotten something and you keep calling back until you gather enough information to convince one of them that you really do own the account and then have them "recover" it for you and transfer it to your Xbox 360. Then you have access to their account, their personal information and their credit card. I personally know people who have had hundreds of dollars worth of merchandise purchased from the Microsoft online store once someone stole their account.
So no, it's not "hacking" the account by using technical means. It's stealing the account by using the stupidity of MS' customer service department, their piss-poor security measures and a little "Catch Me If You Can" brass ballsiness. MS doesn't want to be held accountable for their poor security measures, so they're going to blame the gamers and say they give the information away some other place, but there are verified stories from these "hackers" just using a phone, a 360 and a stupid customer service rep to steal this stuff.
I love my Xbox 360 but MS really needs to step it up and fix this issue instead of passing the blame onto the gamers. - brwnx, on 10/12/2007, -5/+8sonysucks == majornelson??
;-) - colonelcack, on 10/12/2007, -3/+5While this may be one way to do it, theres actually a much easier method that requires no personal info whatsoever:
http://forums.afterdawn.com/thread_view.cfm/371518 - totorototoro, on 10/12/2007, -1/+3TheRealM3D,
is that for all of MS's online services, or just XboxLive? I was under the impression that the XboxLive network was pretty secure, it was only when people linked their XboxLive accounts to their Windows Live ID-a system which seems a bit easier/desirable for undesirables to exploit. - AEGYPT, on 10/12/2007, -0/+2good thing xbox doesn't have a browser - imagine how much security pr damage control they'd have to do then!
- unununium, on 10/12/2007, -2/+4"Make a file called HDD HACK Acc profile"
This must be how the pros do it. - chris9902, on 10/12/2007, -2/+4the Windows ID is no different to any username or password. So they could've been taking by spyware, human error, luck or a million other things.
- byronm, on 10/12/2007, -2/+3Its a form of social engineering. The greatest example i saw was the live demo at H2K2 where a dude called up a poor sap at Starbucks and we we're able to get register info, credit card processing info and a list of cards that failed the batch submit with credit card numbers and expiration dates. Was pretty amazed at how simple it was. "Hi, this is so and so from tech support, We heard you had a batch problem" and sure enough they spilled the beans.
Its not a MS problem to say the least. Call up anyone and you can social engineer just about anything you need. - rowlodge, on 10/12/2007, -0/+1hey, what happened to bungie?...try to log on. (bungie.net)
- staticneuron, on 10/12/2007, -0/+1Hacking is different from phishing. Hackers exploit code without any help from the users.
- Dgen_X, on 10/12/2007, -3/+2dude needs to learn how to spell...
seriously....wright? - okaroleo, on 10/12/2007, -4/+3U just rephrased TonyCubed's comment.... Post original comments please
- rowlodge, on 10/12/2007, -3/+1 just heard of this "major nelson",recently, he could use some sort of wider introduction from bungie. (really)
- totorototoro, on 10/12/2007, -5/+3Major Nelson is like a father figure to them :p
- Pix869, on 10/12/2007, -8/+6***** 90% of sonysuck's submitted stories are "major Nelson's blog!"
- inactive, on 10/12/2007, -6/+3Hey everybody! Here is my personal information!
Real Name: Joey Jo-Jo Joey
Address: 123 45th Street, Apt 6-7, New York, NY 10001
Telephone: 212-555-1212
Social Security Number: 123-45-6789
Bank Account #: 12-3456-78910
Password: moron
OMG!! I WAS JUST HACKED!!! SOMEONE HELP ME!! GET THE GOVERNMENT TO HELP!! MY INFORMATION WAS USED WHEN I POSTED IT ON THE INTERNET!! I WAS HACKED!! - allarise, on 10/12/2007, -24/+21Hmm. the submitter's username seems to indicate a bias...
- NMed04, on 10/12/2007, -7/+2how do people's accounts get hacked w/out the passport service being hacked? smells like a coverup because I definately personally know people who have had their accounts stolen/hacked...
oh, and when you try to update your billing services, you get a message saying you're about to be charged for things you've already paid for.
awesome customer support microsoft, i especially like that you can never remove credit/debit cards from your account which is accessible through your passport service excellent job /sarcasm - NMed04, on 10/12/2007, -7/+1yes but the people i know who's accounts have been stolen most certainly did not give out their info, so there goes that theory
- unrealmp3, on 10/12/2007, -8/+2I hate the way people use the word "hacker". Someone bypassing a protection is called a cracker.
Hacker and "hacker" are two different things. - Wireddd, on 10/12/2007, -7/+1Who wants to read about something not being hacked on digg?
- wild, on 10/12/2007, -9/+2People act like there is one use of the word. Its part of an evolving language. It will be used how it will be used.
- kennymiller, on 10/12/2007, -11/+2"Sorry, but it's very easy to get access to someones Xbox Live account if it's linked to the Windows Live ID (Ie. Windows Live Mail/Hotmail/MSN etc).
- Phishing.
- Trojan/Keylogger.
- Stupid Passwords.
- People giving away their passwords.
- Secret question answer stupidly obvious.
Unfortunately, Microsoft cannot protect people who are ignorant and don't protect themselves properly."
No...people need to learn how to take care of themselves and their computer...and not have Symantec do it for them. - Porkchoppower, on 10/12/2007, -10/+0I've seen the movie Hackers...so right now a beautiful & sexy Angelina look-a-like is "flying"around inside my xbox! I must get in there!!!
- inactive, on 10/12/2007, -15/+3I do sometimes wonder about the security of the whole system when maps can get so completely owned. I mean I know that is because they use players' boxes as servers but still...
- inactive, on 10/12/2007, -19/+7@ Wage... if you're going to try to make a point, get your names straight. It's Major NELSON
- gokss, on 10/12/2007, -18/+5Any way Microsoft is not going to accept it....So i wont believe this report......
- EbowUK, on 10/12/2007, -25/+9OK, so, lets clarify:
- Users suggest the service has been hacked.
- Media reports this.
- Service operator denies the system has been hacked.
- someone called sonysucks reports this on Digg
Microsoft have a team of damage control monkeys then? - juanotejano, on 10/12/2007, -21/+5Yea I don't buy it much either.
- astroboiii, on 10/12/2007, -19/+1omg his name is actually sonysucks....
fanboyism is askin to having the biggest ***** on the block...when will you gay little children just die already? - wild, on 10/12/2007, -25/+5"a few isolated incidents "
Yep, just like those three red lights people were reporting about. Seem to remember him saying the same thing about those last year as well. Then MS goes off and reports higher than expected costs on their financial report due to defective Xbox repair.
Yep, I believe everything Major Nelson says... - MeekelUK, on 10/26/2007, -43/+4At least somone at Microsoft is commenting on it.
The Digg Toolbar for Firefox lets you Digg, submit content, and keep track of Digg even when you're not on the Digg site. Download the official 
© Digg Inc. 2009
— Content created and posted by Digg users is