Plex hacked

So... is the encryption on the passwords feasible to break or are you changing passwords just because you had a simple one someone could break with a password list.

In my case it wasn't like it was a simple dictionary word type password, it was still a combination of upper/lower case and numbers but it was simple compared to all my new passwords and it was one my last remaining shared passwords. Don't know if I was even in the firing line on this one but I'd forgotten about Plex until I saw this topic and realised it was worth changing.
 
It's a media streaming system that allows you to access your media anywhere in the world or out of your home you can also use it as a media centre at home. What's great about it is that it can transcode the stream to allow for lower bandwidth, you can stream it anywhere, it's really useful. :)

Aah...

That sounds nifty, I'll have a look. Thanks :)
 
What are the ramifications of him releasing the data? People can pick up the user & hashed/salted pw then try cracking it?

I'm not sure how where else I've used my plex pw.
 
What are the ramifications of him releasing the data? People can pick up the user & hashed/salted pw then try cracking it?

I'm not sure how where else I've used my plex pw.

Cracking the encryption is far less likely than taking the usernames and running a brute force with a password list.
 
The data can also be used for social engineering attacks. Such as phishing emails to all users in the list asking them to update their password. They will have enough data (usernames etc.) to make the emails look pretty authentic.
 
Yeah sure

Do you struggle to remember what a single line post says? Is that why you need to break it up?

I shall reply to your post in kind as you seem to want to argue about something and quite frankly I'm bored so let me break down your post into chunks that you will be able to manage and then reply. If you struggle with any of it please let me know and I'll break out the baby words:


Yeah sure, why not go after HSBC whilst he's at it?

He could if he had the skill. He doesn't, which is why he hacked something that 99% of the users on there couldn't give a toss about. Put it this way:

A good criminal will commit crimes that will look after him / her for a while. It's all about risk / reward. Maybe rob a jewellery store or something, so the returns are good for the effort involved and as it's a one off, he / she will only have one record which means a lesser sentence if they get nabbed.

Your "hacker" here is more of an opportunist. A bit like a pickpocket in a mall, only grabbing a bag or wallet or something if the opportunity arises, whilst the real deal are loading a load of expensive cars on to a lorry out of sight. Make sense? He didn't target Plex. Nobody would. He probably tried other sites and realized he didn't have the ability to compromise them so resorted to what he could get.

Whilst I don't condone any of this behaviour, if someone could hack HSBC and get away with it, they'd get a raised eyebrow and a cheeky wink from me, but then I'm biased against banks. I'm assuming the point you're trying to make is that it'd be too hard for someone to hack the likes of BTC-e or Bittrex, thus reinforcing my theory that this hacker simply didn't have the ability. To put that to rest, I suggest you do a bit of reading on Mintpal and Mt Gox, two very large exchanges which were both hacked. So it is possible, it's just that dumbass over here was either too thick to think of it or lacked the skill. Let's be honest, asking for bitcoins or just blatantly stealing them straight from a site are two completely different things, if I were in that position and had the ability to do so, I know which I'd go for.


I bet you tell robbers to go after Fort Knox as well?

I don't tell robbers to go after anything, but if I did, I certainly wouldn't tell them to rob a military institution which would have at most a fancy pen and a pair of handcuffs worth stealing. If you're going to try and be condescending to people you've never met or dealt with, please do a bit of research first as someone robbing Fort Knox would be as stupid as someone hacking a forum.



The rest of your post is just more condescending drivel so I'm not going to bother, but I will add one more thing which I suspect is probably being wondered by a few others too:

Are you the hacker or are you bumming him?
 
Do you struggle to remember what a single line post says? Is that why you need to break it up?

No, it's just an effective way to respond to various points.

He could if he had the skill. He doesn't, which is why he hacked something that 99% of the users on there couldn't give a toss about.

Except you of course, angry that he didn't target an exchange...

I'm assuming the point you're trying to make is that it'd be too hard for someone to hack the likes of BTC-e or Bittrex, thus reinforcing my theory that this hacker simply didn't have the ability. To put that to rest, I suggest you do a bit of reading on Mintpal and Mt Gox, two very large exchanges which were both hacked.

Mt Gox is the very reason why I laughed at your original comment about trying to exploit an exchange. People are wise to it, and they would have invested heavily in security. Mt Gox may have been an inside job anyway, an issue of embezzlement.

Any hacker trying to hack an exchange would probably be wasting their time. It's not a question of skill, but of effective use of time.

The rest of your post is just more condescending drivel so I'm not going to bother, but I will add one more thing which I suspect is probably being wondered by a few others too:

Are you the hacker or are you bumming him?

Your original post was condescending, "oh I'm angry it got hacked, I know I'll insult her/his skill because the site wasn't a heavily fortified BTC exchange." Please.
 
Back
Top Bottom