Plex hacked

Can you give me one conceivable reason I could be angry about someone hacking Plex? I certainly can't think of any. Hack away, no skin off my nose. All I said was that he is a crap hacker, hacking something that 99% of people couldn't care about and then advertising it like he's just discovered the holy grail, what with his pittance of a ransom and all.

Your point about people getting wise to it is also invalid. Mintpal, as mentioned, was hacked. Mt Gox was hacked. Wasn't Cryptsy hacked at some point too? You seem to want to point out that just because someone was hacked, every other website will suddenly be hack proof. Bit of a stupid thing to say don't you think? I'm pretty sure you could find loopholes or exploits in other exchanges if you looked hard enough. Sadly your hacker doesn't seem to know how but would rather take on something more appropriate to his skill level: a forum nobody cares about. The fact that he's asking for such a pittance only confirms to me that he is aware of what a tragic feat it is he's accomplished.

The fact is that I consider your hacker friend to be a moron, a fact I will stand by. He's put himself in danger of getting arrested now, and for what? Less than £2k? And you want to talk about effective time? I think you should take risk in to the equation too.



No need to say please either. I will gladly reply to your posts.

That said, you still didn't answer my question:


Are you the hacker or are you bumming him?
 
If the passwords were hashed and salted properly then there's no way he's going to brute force them and he can't use a rainbow table. Only chance of him getting your password is if it's really weak.
 
If the passwords were hashed and salted properly then there's no way he's going to brute force them and he can't use a rainbow table. Only chance of him getting your password is if it's really weak.

So a lot of users are going to have their passwords stolen bearing in mind the average "1234password".
Seriously though, I thought this might be the case as I think the hacker may have just been trying his luck rather than attempting to be truly malicious so he was just hoping to make some quick cash from what may/may not have worked based as it was probably based on luck.

Also I wish when I hear "hashed and salted" I didn't think of pretzels.:p
 
My plex password alas is one of the only ones I don't use a Keepass generated one for, because it's a pain in the ass to enter it on the FireTV or the smart tv using the remote control. Guess I should bite the bullet though and have gone for a keepass one.

Ironically this is the second time I have had to recently do it as I accidentally committed my previous one to some unit tests in a GitHub plex based project, sods law really.
 
How much damage can be done by releasing thus data?

Supposedly very little as the methods used when storing the data should make it hard to "decrypt" (Feel free to correct me for using incorrect terminology). However you never know so it's always best to change passwords anyway.

Apparently being "Hashed & Salted" adds extra info to the stored password data so it would be difficult to use the password without having access to the method used to "Hash/Salt" the password to begin with to retrieve the original version.

That's what I have gathered from research anyway. :confused:
 
Last edited:
Slower to decrypt, never impossible. And seeing as so many users have the same password for everything it may very well be worth somebodies time to crack these.
 
Back
Top Bottom