PDA

View Full Version : Board for Microsoft Security Issues?


ZZBroncos
05-12-2009, 04:59 AM
I am posting just to present the idea of having a board dealing specifically with security issues people have noticed with Xbox Live, the achievement system or anything else Xbox Live related that could impact one's gaming experience.

The reason for this is simple. Few really are aware of how insecure Xbox Live and their parent company Microsoft really are. It is also not limited to Xbox Live for it is a problem that cuts across all spectrums of electronics on the civilian market even up to the newest military technologies.

The board would be used as a medium for member of the X360a community to post issues they are having with Live, people who do hack then crack accounts, gamers to avoid, gamesavers, ect.

There is a need for this as many people have no idea that just by playing a game with someone over Xbox Live they are literally giving that person everything they need to hack, crack and hijack their account.

Then, if the moderators and administrators will allow it, a section could be designated for ways that account can be hacked using Microsoft to do everything for you. Currently, I know of 4 methods to acquire accounts just through the work of Microsoft employees or Microsoft services. This could be closed all non admins or mods to prevent exploitation of these methods. Every time a method is determined to work, an Admin could make a phone call to Microsoft (Corporate) to inform them about the vulnerabilities in their network.

This idea has a lot of tangible benefits to not only the X360a community but to the entire Xbox Live community. I deplore you, the X360a site admin team to act upon this request for the betterment of the Xbox Live community and the rule of law.

Thank You

ZZ

kaleido42
05-12-2009, 10:19 PM
I am posting just to present the idea of having a board dealing specifically with security issues people have noticed with Xbox Live, the achievement system or anything else Xbox Live related that could impact one's gaming experience.

The reason for this is simple. Few really are aware of how insecure Xbox Live and their parent company Microsoft really are. It is also not limited to Xbox Live for it is a problem that cuts across all spectrums of electronics on the civilian market even up to the newest military technologies.

The board would be used as a medium for member of the X360a community to post issues they are having with Live, people who do hack then crack accounts, gamers to avoid, gamesavers, ect.

There is a need for this as many people have no idea that just by playing a game with someone over Xbox Live they are literally giving that person everything they need to hack, crack and hijack their account.

Then, if the moderators and administrators will allow it, a section could be designated for ways that account can be hacked using Microsoft to do everything for you. Currently, I know of 4 methods to acquire accounts just through the work of Microsoft employees or Microsoft services. This could be closed all non admins or mods to prevent exploitation of these methods. Every time a method is determined to work, an Admin could make a phone call to Microsoft (Corporate) to inform them about the vulnerabilities in their network.

This idea has a lot of tangible benefits to not only the X360a community but to the entire Xbox Live community. I deplore you, the X360a site admin team to act upon this request for the betterment of the Xbox Live community and the rule of law.

Thank You

ZZ

Good idea, only thing is I don't know how well microsoft would take advice given. More so how quickly.

ZZBroncos
05-13-2009, 03:14 AM
Kaleido42 I know what you are saying, but literally when it would be apparent how insecure it is, I hope the media would pick up on this and actually delve into the complete apathy that this country has towards its cyber defences. Imagine an article on the front of the Washington Post detailing how, if a person wanted, they could sever the United States and the Western Hemisphere from the rest of the world with 6-9 small truck bombs which would cause zero causalities.

Back to Microsoft, they do not care, but when they are taking flack in the media for already having a crap console (I have had 14 RRoD in 3 years) AND they have an easily hackable and thus crackable internet service where credit card numbers are used routinely and sensitive information is dispersed throughout this system. Many adults entrust their children with their credit card around 14-16 if they are upper middle class and up. Imagine the outcry if the account of the son of the President of the United States was hijacked (yes, Obama does not have a son, it is a hypothetical premise).

Also it would encourage members of the X360a community to NOT put any personal information on their account, whether it is just information or a credit or debit card.

Since members of the community have flamed me for a lack of credibility on a similar thread where I inquired about ideas for a new GT, go check out smallwarsjournal.com or longwarsjournal.com and read. Do not think or jump to any conclusions. Just read the boards, discussions and the round tables. These are people who are experts in their fields who have intimate knowledge of many, many topics relevant to cyber security.

Lastly, notice how people discuss on the boards. It is civil. It is possible. These are people from all walks of life, all backgrounds, all beliefs and biases, all corners of the political spectrum. They have civil discussion on topics that are near and dear to them. In some instances they have been severely injured for them or lost close friends fighting because of views expressed there. There is no flaming, mainly due to the excellent admin team which I met not long ago.

No offense is intended but the exact opposite should be taken away from this. The admin team here could learn something from one of the best admin teams on any forum on the net. They are excellent here and are overwhelmed with everything they have to deal with, and this is not their job. But the amount of flaming that goes on virtually unabated (thanks JDM for quelling the flaming on my GT thread) needs to stop.

I also just realized how long this post is going to be, so I will try to avoid doing it again just to conserve the time of members reading this.

Thank You

Shelton
05-13-2009, 11:15 AM
I have a few question's and observations which carry on from your previous thread.

You noted that people will still hack despite the legal risks. You also related it to murder (there are laws against murder but it still happens). I understand that and here is my rebuttal to that statement.

Lets say there was an outcry over a murder and the public demanded more be done to prevent it. The Government provides armor for everyone.

It'd be harder to murder someone, sure, but if the person really wanted to they'd eventually get it done. This is how I relate the two. MS could increase security but if people were capable of hacking before, I doubt anything MS does would stop them.

LIVE is monitered by MS, which is a deterrent. As is the law.
If people are still willing to hack and risk imprisonment, well, that's their prerogative.

Could you please explain this sentence; "a section could be designated for ways that account can be hacked using Microsoft to do everything for you."

Wouldn't someone need to figure out/execute the hack to make this possible? Or are you suggesting we think of ways to access the network/information and ask MS to test it out?

Not sure that that would go down too well...

The idea of a security board is a decent one. However, I fear it'd become repetitive/pointless. Most of the topics would be "My account is under threat from a hacker, what do I do?"

Well, what do they do? Other than report the person to MS and file a complaint. In your other thread you mentioned you were changing your GT to avoid being hacked. That is not 100% effective, nor is any other measure.

Skillet
05-13-2009, 11:40 AM
I explained some things in your other thread but I thought I would address the credit card issue here.

It's not possible to see someone's credit card info from their account on their 360 or even on xbox.com.

You can't even see your own credit card number. It usually looks about like this:

****************4621

The last four numbers only visible so that the card holder can identify their card from others if you've used multiple payment methods.

Someone would have to either work at MS or probably work for the NSA... which we all know doesn't exist... :p to get your credit card numbers from Microsoft.

Also, as Webb told me about another forum, I doubt this would be used all that much. Their are maybe two or three threads a week in various forums about "account hacking"... not enough to warrant it's own forum.

But I'm not exactly a decision maker... so I guess we'll find out when one of the admins drops by.

EDIT: Also on the point of those places you linked to being more mature... it's mostly comprised of current and ex-military personel. Of course it's more mature.

Throw a 12 year old kid in there and see what happens.

Tussell
05-13-2009, 11:46 AM
This 'Security Issues' crap is getting out of hand... It seems that there have been more threads dedicated to this now than there ever was... It's annoying.

People just don't know how to handle their personal information and they give it out like candy, much like doctors with Vicodin. It's going to be your fault 99% of the time and there's nothing we can do about it. The board would be full of members falsely accusing other people of hacking and members telling everyone to send someone bad feedback so that Microsoft will look into it. Unfortunately, the second part will not do anything as most of us will not have come in contact with that player in recent games, so Microsoft will just throw that report away.

Be careful with your personal information. If you're not careful with it, don't hop on x360a and cry about it looking for either sympathy or a reason why. Also, once you get a reason as to why it most likely happened, don't disregard it and tell everyone they're wrong. If you're so right about it in the first place, don't come here and bitch about it. Figure it out on your own and leave everyone here alone.

jackanape
05-13-2009, 11:57 AM
If someone can get all of your information just by playing ONE game online with you then what do you suggest we do about that?

Never play online again?

Only ever play with people we know (and pray they haven't been hacked)?

Go and live underground?

Seriously, if someone is that dedicated to hacking your acocunt then you may well be screwed. But my question to you would be this - if it was that damn easy then why has no one hacked people high up the leaderboards yet? Surely their cards are the biggest juiciest prize's on offer, and they play that much that they have probably crossed paths with countless other people, yet they aren't being hacked.

So I think things aren't as bad as your doom and gloom prediction makes out.

Psycho Chickan
05-13-2009, 12:24 PM
My two cents (need the posts so I can join the 1000s club :))

1. Good idea to have a dedicated forum for those that wish to discuss the topic. I don't think it would be wise to discuss the methods tho as further advertising would only make idiots want to try it out

2. Good idea about the gamertags for those that you know are dodgy. Hopefully these would have been reported to Microsoft too of course. It means people could refer to your list when approached with a friend request or game invite from an unknown. Means they'd have to check every invite and be online to look at the list and look thru all the crap posts to get to the list but... :)

3. A question. What's the point of someone hacking an account? Why would anyone bother? All it does is create an inconvenience for me as I lose all my points. They don't get any persoinal info about me unless they have access to the MS databases and, if they had access to that and knew my gamertag, couldn't they just look it up there?

Number 3 is a real question btw, not meant to be taken sarcasticly (dammit Safari I know that's spelt incorrectly but I don't know the right spelling!!!)

EDIT: PS - I personally don't think that this is a forum I would visit or really be interested in. I work in IT and know how vulnerable damn near everything is but this site isn't really somewhere I go for technical hacking info. That said it's not a stupid idea and not worthy of the ridicule you've received in this and the other forearm. There is a great deal of interest in the topic so I think it's valid to add. Those that don't like it can just not visit :)

jackanape
05-13-2009, 01:55 PM
I don't think he is being ridiculed.

As far as I see it, it is not the admins duty to report issues to Microsoft and even if they did, why would MS listen to us in the first place?

If you have a specific security issue, or think you have spotted a problem with MS security and want to let them know about it - then just do it yourself. Why come onto a website, post your issue and then expect them to take it up with MS? That makes no sense.

As people have already said: a forum full of potential hack exploits and the like, is asking for trouble. If the forum was therefore only visible to mods etc then what would be the point?

dakisbac
05-13-2009, 03:11 PM
I could see the point of making it admin read only. Say I think I've found an exploit and the easiest way I could get that information to M$ is by posting it here for x360a to pass along. It makes much more sense making it so that the only people that can read about my exploit are the ones going to tell M$ to get it fixed and not people that will take advantage of it.

That said, I see no need for this forum. As it's been said, we as individuals can just as easily inform M$ as the site can, although I will agree an individual is less likely to be taken seriously.

@ Skillet: he's right about information being passed on just by playing. The most basic information which anyone can find out if they were so inclined is someone's IP address. Simply monitor your 360 traffic and you have someone's IP. From there you can have your basic, free trace which gives the city of the person, or for the serious people who will pay, an exact address. You could play with me for two minutes and another two minutes can pass and I could know exactly where you live.

If I could get someone's address that easy. you think it's that much harder to get a credit card number? Not for someone who knows what they're doing. Someone who knows what they're doing wouldn't even need to trace an IP, they could just crack into your account and get all your personal information, including a CC#

gallardolvr
05-13-2009, 03:24 PM
i would def support this, i do know a lot of the big time game savers and modders and would be able to point out the bad apples from the good ones... i also have good knowledge on how most of these bullshit scams and cracks work and would also be able to point out what to look for...

gallardolvr
05-13-2009, 03:43 PM
If I could get someone's address that easy. you think it's that much harder to get a credit card number? Not for someone who knows what they're doing. Someone who knows what they're doing wouldn't even need to trace an IP, they could just crack into your account and get all your personal information, including a CC#
actually it would be near impossible to use any info thats on your xbox about your Credit Card, you might be able to make a purchase for points and gift them to the hackers main account, but i dont know if they allow you gift anymore...

dakisbac
05-13-2009, 04:16 PM
What are you talking about? Let's say I have a CC on file (I don't, but let's say) and you can see my registered information. There is my address, name, birthdate, and credit card #. Buying a few measly M$ points (which is restricted anyway, to 10,000 MSP) is nothing, but with that information someone could commit identity theft.

Skillet
05-13-2009, 04:33 PM
I could see the point of making it admin read only. Say I think I've found an exploit and the easiest way I could get that information to M$ is by posting it here for x360a to pass along. It makes much more sense making it so that the only people that can read about my exploit are the ones going to tell M$ to get it fixed and not people that will take advantage of it.

That said, I see no need for this forum. As it's been said, we as individuals can just as easily inform M$ as the site can, although I will agree an individual is less likely to be taken seriously.

@ Skillet: he's right about information being passed on just by playing. The most basic information which anyone can find out if they were so inclined is someone's IP address. Simply monitor your 360 traffic and you have someone's IP. From there you can have your basic, free trace which gives the city of the person, or for the serious people who will pay, an exact address. You could play with me for two minutes and another two minutes can pass and I could know exactly where you live.

If I could get someone's address that easy. you think it's that much harder to get a credit card number? Not for someone who knows what they're doing. Someone who knows what they're doing wouldn't even need to trace an IP, they could just crack into your account and get all your personal information, including a CC#

Alright... fine.

66.82.9.55

Now tell me where I live. You have four minutes.

EDIT: The problem with your argument is the fact that if it were really so easy to obtain someone's personal information via their IP address, the internet would die. There would be so many instances of identity theft... a single "hacker" could obtain millions of dollars per day before they were ever caught. Multiply that by about... say 500 moronic people intelligent enough to do it and the government has the biggest mess to handle since World War 2.

And as I said before, short of working at Microsoft, there is no way for someone to figure out your credit card number through your account with Microsoft. It's not even visible to you.

dakisbac
05-13-2009, 04:40 PM
Address: 11717 Exploration Lane
City: Germantown
StateProv: MD
PostalCode: 20876
Country: US

Doubt that's you, but okay.

Skillet
05-13-2009, 04:44 PM
Address: 11717 Exploration Lane
City: Germantown
StateProv: MD
PostalCode: 20876
Country: US

Doubt that's you, but okay.

That's probably the address for my ISP.

Which I believe I explained in Bronco's other thread.

Good luck wrestling my account info from them.

dakisbac
05-13-2009, 04:53 PM
EDIT: Whatever, I don't care. I'm going to sleep, I have to work at midnight. Ta ta

Skillet
05-13-2009, 05:04 PM
You haven't really proved anything. http://www.find-ip-address.org/ will give you your own information. There are places you can use to find other people's information, but I'm not going to bother search for em, I've made my point. I've guessed that you have to pay for the ones that will give you exact details.

My other point is that a real hacker won't even need to do this to get your information, their best source is what they see listed in your registered information.

Oh... what my address?

Telephone number?

Name?

Wouldn't want a hacker getting a hold of a phone book then! And I guess I better take the house number off of my mailbox. As for IPs.. I guess you better leave this site. Think about it... every administrator, moderator, and member who has moderator powers in a specific forum can view your IP address. I can view the IP of anybody in the media board.

Seriously. Quit with the conspiracy crap. It's getting really old and I'm tired of this argument.

As has been said many, many times before, all accounts that have been "hacked" have been traced back to phishing. Don't give out your info... you don't lose your account.

It's as simple as that.

gallardolvr
05-13-2009, 05:07 PM
What are you talking about? Let's say I have a CC on file (I don't, but let's say) and you can see my registered information. There is my address, name, birthdate, and credit card #. Buying a few measly M$ points (which is restricted anyway, to 10,000 MSP) is nothing, but with that information someone could commit identity theft.
no it only has the last 4 digits

ZZBroncos
05-14-2009, 09:23 PM
I have to run to a panel discussion on IO of the Taliban and Al Qaeda in Afghanistan. I will try to hit all of your concerns tomorrow sometime as I have other demands on my time tonight.

I will touch the smallwarsjournal.com issue. The fact that it is absent 12 years and made up of retired military (which is incorrect, since there are active duty, reserve, civilian, government employees ect.) is irrelevant. Most if not 80% of the community is at least 17 years old. Yet the incivility is a huge issue here. If it were only 12 year olds I would just say that their parents need to see what they are posting but its not. Personally, I think people should be suspended from the site for a period of time for violating ToS or CoC of X360a for posts they made. I just want stringent punishment for those that repeatedly flame for any reason. It is a video game site dedicated to acquiring achievements, no where near as serious as the issues discussed on that site and yet they are many orders of magnitude more civil than is present (normally) on this site.


I am amazed (no offense intended towards you two) and will thank Skillet and Tussell for their civility as I stopped participating on the forums because many of the community members of this site's first instinct is to flame just to flame. You two have renewed my faith, I guess you could call it that, in this site in regards to having civilized discussions. Again, thank you.

Gotta run, I will be back tomorrow.

*Note: I do love this site and it is painful to have typed the things above, but it is true.

**Note: Not touching your information as I am not authorized to do anything domestically and my job is infinitely more important than proving a point on this site.

Skillet
05-14-2009, 10:01 PM
**Note: Not touching your information as I am not authorized to do anything domestically and my job is infinitely more important than proving a point on this site.

Yet... you keep trying.

Perserverence is admirable but kind of pointless in this instance. There's you and one or two others with your doomsday international security conspiracy that has somehow seeded itself over to the 360 and think that the Admin team here (that you say could learn from the best, apparently) are the ones who should do something about it.

And you and those few people are against just about everyone else who has posted here and in your other thread.

As for the maturity of this site, it's rather mature.

It still doesn't pay to compare a site with 300,000 members to a site with what, a thousand? Maybe two? Especially when the other site is, as you say, current military. They're trained to be disciplined, are they not? Of course it's more mature.

Shelton
05-15-2009, 02:50 AM
ZZBroncos-Everyone in this thread has been civil.

Not sure what you consider flaming to be. Sure, we've disagreed with you, but we've done it in a polite way.

ZZBroncos
05-15-2009, 12:35 PM
ZZBroncos-Everyone in this thread has been civil.

Not sure what you consider flaming to be. Sure, we've disagreed with you, but we've done it in a polite way.

That was the point, and I was pointing two people out who HAVE been posting somewhat constantly. I am not syaing people are not being civil on this thread. I am pointing out how almost every single thread here is filled with flames. It was a tangent I noticed.

ZZBroncos
05-15-2009, 12:49 PM
Perserverence is admirable but kind of pointless in this instance. There's you and one or two others with your doomsday international security conspiracy that has somehow seeded itself over to the 360 and think that the Admin team here (that you say could learn from the best, apparently) are the ones who should do something about it.

And you and those few people are against just about everyone else who has posted here and in your other thread.


I do not think the admin team can do anything. The point I was trying to get across was that it is ludicrous to really consider your account secure or anything else you do by internet. The whole reason behind that was a few people had suggested I was 'not knowledgeable' in this area and that Xbox Live had nothing to worry about in so far as security is concerned.

*Note: The point about not providing you information from the IP address you posted just to prove a point is
1) It is Illegal
2) I am not authorized to do anything of that nature domestically without Writ of Habeas Corpus
3) It is irrelevant to gather information over Xbox Live. If I played with you, and you wanted me to grab the IP then do it, yes it would be relevant. This is not as there are hundreds of thousands of people that do that daily. I do not see how I need to 'prove' something is understood to be so. Itís like being asked to prove how gunpowder propels a bullet since you (hypothetically) believe that it is magic. It would be a waste of time.

Gotta run again, I will be replying to the posts that will require significantly more time. Later

jackanape
05-15-2009, 01:58 PM
I do not think the admin team can do anything. The point I was trying to get across was that it is ludicrous to really consider your account secure or anything else you do by internet. The whole reason behind that was a few people had suggested I was 'not knowledgeable' in this area and that Xbox Live had nothing to worry about in so far as security is concerned.

*Note: The point about not providing you information from the IP address you posted just to prove a point is
1) It is Illegal
2) I am not authorized to do anything of that nature domestically without Writ of Habeas Corpus
3) It is irrelevant to gather information over Xbox Live. If I played with you, and you wanted me to grab the IP then do it, yes it would be relevant. This is not as there are hundreds of thousands of people that do that daily. I do not see how I need to 'prove' something is understood to be so. Itís like being asked to prove how gunpowder propels a bullet since you (hypothetically) believe that it is magic. It would be a waste of time.

Gotta run again, I will be replying to the posts that will require significantly more time. Later

My question is simply this. If it was as simple to hack anyones account as you claim it is - then why isn't this a widespread issue? As if the hackers got away with it once they are hardly going to sit back and say 'enough is enough'.

More importantly why aren't people at the top of various leaderboards being hacked? As they are surely the most obvious target.

I know of people who have been hacked and invariably they have been sucked into some kind of website based scam that asks for their details. Hard luck for them - but they did eventually get their accounts back. If you could name me just ONE person that you KNOW has had their account taken without them posting their details somewhere they shouldn't then maybe you'd have a point. But I can't see it happening as people (whether they admit it or not) have only been taken down via some kind of web based scam and not just by playing one game with someone.

dakisbac
05-15-2009, 02:00 PM
I came across as civil? Damn it.

*flames Skillet*

*flames gallardolvr*

*flames your mom*

etc

Skillet
05-15-2009, 09:42 PM
I do not think the admin team can do anything. The point I was trying to get across was that it is ludicrous to really consider your account secure or anything else you do by internet. The whole reason behind that was a few people had suggested I was 'not knowledgeable' in this area and that Xbox Live had nothing to worry about in so far as security is concerned.

*Note: The point about not providing you information from the IP address you posted just to prove a point is
1) It is Illegal
2) I am not authorized to do anything of that nature domestically without Writ of Habeas Corpus
3) It is irrelevant to gather information over Xbox Live. If I played with you, and you wanted me to grab the IP then do it, yes it would be relevant. This is not as there are hundreds of thousands of people that do that daily. I do not see how I need to 'prove' something is understood to be so. It’s like being asked to prove how gunpowder propels a bullet since you (hypothetically) believe that it is magic. It would be a waste of time.

Gotta run again, I will be replying to the posts that will require significantly more time. Later

Nice post. Plenty of 5 dollar words. You need to prove it because nobody else believes it exists. This entire thread and the previous one are rendered completely pointless because you're jumping up and down screaming "OMG LOOK AT ME UR IN DANGR!!!1" and you have nothing to back it up.

My question is simply this. If it was as simple to hack anyones account as you claim it is - then why isn't this a widespread issue? As if the hackers got away with it once they are hardly going to sit back and say 'enough is enough'.

More importantly why aren't people at the top of various leaderboards being hacked? As they are surely the most obvious target.

I know of people who have been hacked and invariably they have been sucked into some kind of website based scam that asks for their details. Hard luck for them - but they did eventually get their accounts back. If you could name me just ONE person that you KNOW has had their account taken without them posting their details somewhere they shouldn't then maybe you'd have a point. But I can't see it happening as people (whether they admit it or not) have only been taken down via some kind of web based scam and not just by playing one game with someone.

:whs

I came across as civil? Damn it.

*flames Skillet*

*flames gallardolvr*

*flames your mom*

etc

Um... yeah.

*yawns*

As far as this entire conversation goes, I'm tired of hearing you cry wolf and watching all of the towns people come running. Either prove that the wolf was there, or end the joke and go back to watching the sheep like you're supposed to.

I made my case and I'm finished arguing.

Have a nice day.

ZZBroncos
05-16-2009, 03:47 AM
Nice post. Plenty of 5 dollar words. You need to prove it because nobody else believes it exists. This entire thread and the previous one are rendered completely pointless because you're jumping up and down screaming "OMG LOOK AT ME UR IN DANGR!!!1" and you have nothing to back it up.







Um... yeah.

*yawns*

As far as this entire conversation goes, I'm tired of hearing you cry wolf and watching all of the towns people come running. Either prove that the wolf was there, or end the joke and go back to watching the sheep like you're supposed to.

I made my case and I'm finished arguing.

Have a nice day.

I gave you a simple way of 'hacking' accounts without even an IP Address. I will not provide that method to you. Now, since we are done 'posturing' can we debate the validity. It is not debatable as to whether or not it is possible. The easy ways anyone can do and they work WITHOUT ANY INFORMATION. Doing it with the IP address is more risky but yeilds much more than just the Xbox Live account.

Go back to being a good sheep.

The reason high profile accounts are not hacked more often is the visibility of the hack would create bring more heat than is wanted. You hack | The | Game| or Kiss The Ground or ||SFD|| V3nUS you will be hunted down by Microsoft and the authorities. Hack some random kid, say DeadAiim, and Microsoft will not notice and most people will not. I know as he has had that happen twice (deservingly so as he is worthless). He did not get his first two accounts back and unfortunately his most recent one has not been hacked.

*Edit: Numerous articles on MLG Halo2 and MLG Halo 3 players who have their accounts hacked so consistently they no longer bother calling CS to help them recover their gamertag.

It is like hacking the DoD. You do it ONLY if you have a safe point of origin and you can route it through say the British MI6 or Israeli Mosod.

Now, if each one of you want me to show you how to hack an account, go ask an admin if that its okay, as I doubt it. I showed one member and that is probably one too many according to how the Site functions. If the admins approve, I will but I will not be posting it on a public forum. Remember the 12 year old kids we were talking about?

Admins, send me a message or post here on how much lee-way I have. I love X360a and respect it hence I do not want to do anything to become banned. Thank you.

ZZBroncos
05-16-2009, 02:48 PM
Alright... fine.

66.82.9.55

Now tell me where I live. You have four minutes.

EDIT: The problem with your argument is the fact that if it were really so easy to obtain someone's personal information via their IP address, the internet would die. There would be so many instances of identity theft... a single "hacker" could obtain millions of dollars per day before they were ever caught. Multiply that by about... say 500 moronic people intelligent enough to do it and the government has the biggest mess to handle since World War 2.

And as I said before, short of working at Microsoft, there is no way for someone to figure out your credit card number through your account with Microsoft. It's not even visible to you.

Fail

27.3 million Americans have had their identity stolen from September 2003 to February 2007. $55.8 Billion dollars in fraud damages. Businesses lost $47.6 Billion due to Identity Theft. Yeah... Not common right? Just 9% of America, and the equivalent of 2/3 of the funding for Iraq in 2005. Nothing major.

The government has other priorities, if you have not noticed. The CIA, NSA, DIA, DoD, FBI, just to name a few, have their hands tied twenty different ways and their 'experts' have circles run around them by the freelance hackers and crackers. Plus, it would destroy the economy if all of a sudden the Federal Government came out and told the people that they have not been doing their jobs as laid out in the Constitution because they were too busy playing politics with every other issue so do not use the internet until we fix it. Imagine the panic.

Be content to just assume the government is working, is protecting you. They can do only so much and this nonchalant attitude could easily hurt you in the years to come. If you really, really, think the internet is secure, the government will protect you, that there is nothing to worry about, I am sorry but that is psychotic (not in touch with reality). Please, go read one, just one, book on cyber warfare and the lack of any security on the Internet.

As to what you characterized Smallwarsjournal, you do realize there are more civilians on that site than active duty, right? People like ZZBroncos and Skillet and xodakok. If only people in the military understand how to be civil in this country, it just shows the lack of understanding of what this country was meant to be.

Lastly, I believe you are playing devils advocate here Skillet, but can you provide anything to back up what you are saying about the internet is secure along with Microsoft? I am not trying to be an ass, but arguing logic (faulty) with someone when logic is only superficial is superfluous especially when the facts align very neatly with one side. There is a reason I never discuss COIN on this site or with anyone who has no idea what that phrase even means. Logic runs counter to 5000 years of history with COIN and so do your arguements about internet security ( for only around 20 years).

jackanape
05-16-2009, 06:16 PM
Fail

27.3 million Americans have had their identity stolen from September 2003 to February 2007. $55.8 Billion dollars in fraud damages. Businesses lost $47.6 Billion due to Identity Theft. Yeah... Not common right? Just 9% of America, and the equivalent of 2/3 of the funding for Iraq in 2005. Nothing major.

The government has other priorities, if you have not noticed. The CIA, NSA, DIA, DoD, FBI, just to name a few, have their hands tied twenty different ways and their 'experts' have circles run around them by the freelance hackers and crackers. Plus, it would destroy the economy if all of a sudden the Federal Government came out and told the people that they have not been doing their jobs as laid out in the Constitution because they were too busy playing politics with every other issue so do not use the internet until we fix it. Imagine the panic.

Be content to just assume the government is working, is protecting you. They can do only so much and this nonchalant attitude could easily hurt you in the years to come. If you really, really, think the internet is secure, the government will protect you, that there is nothing to worry about, I am sorry but that is psychotic (not in touch with reality). Please, go read one, just one, book on cyber warfare and the lack of any security on the Internet.

As to what you characterized Smallwarsjournal, you do realize there are more civilians on that site than active duty, right? People like ZZBroncos and Skillet and xodakok. If only people in the military understand how to be civil in this country, it just shows the lack of understanding of what this country was meant to be.

Lastly, I believe you are playing devils advocate here Skillet, but can you provide anything to back up what you are saying about the internet is secure along with Microsoft? I am not trying to be an ass, but arguing logic (faulty) with someone when logic is only superficial is superfluous especially when the facts align very neatly with one side. There is a reason I never discuss COIN on this site or with anyone who has no idea what that phrase even means. Logic runs counter to 5000 years of history with COIN and so do your arguements about internet security ( for only around 20 years).

It's one thing to be polite but this really has to be said - what the FUCK are you talking about?

This started as a thread to request a forum on MS security issues (presumably related to gamercard hacking) and has now become your own conspiracy theory thread on why the country is not protected and how much trouble any user of the internet could be in.

Let's assume you are right. That no site is secure, that our gemercards can be easily hacked at the drop of a hat and that our personal details can be quickly and conveniently snagged by ANYONE at the drop of a hat. That being the case, well, I just don't care.

After all, if its that damn easy then I'm inevitably screwed so I may as well just wait for the worst to happen. I could report my concerns to this site, Microsoft or the government - but what would be the point as you claim they are all useless/powerless against the hackers anyway. So let's all just hide under the blanket and cry about it, or we could just get on with our lives - I know which one I'm choosing.

Here is the low down - gamertags are generally useless so the only reason people hack them is either to be annoying, swipe some MS points or to grab an account with a massive gamerscore to pass off as their own (which blows your theory out of the water). MS does not monitor gamertags high up the leaderboards any more vigilantly then those at the bottom, so why would an all powerful hacker be put off by that? They wouldn't.

This thread has gone above and beyond its original remit and now you are just saying whatever you like (see your bolded comment - WHAT?) in a bid to sound superior and knowledgable is getting old. You are just throwing out one theory after another with your only back up being - well I COULD prove it, but I;m not authorised. If you were that advanced in terms of programming etc then shouldn't you have a job, which I'm assuming you don't seeing as you said your live account was in your dad's name and paid for by him. Why would he need to do that if you were some kind of hot shot programmer?

This is getting ridiculous now. I'll pass on your initial suggestion to an admin and then asked for this to be locked. It has nothing to do with this site.