Channel Register

Comments on: Photobucket tipped over by Turkish hacker

No personal information? 

Posted Wednesday 18th June 2008 15:58 GMT

If they stole the domain name, that means the users' browsers would be submitting their cookies to the attacker's server. That means that anything stored in the user's cookie (for example, session IDs) could be compromised, just not their stored data.

@Ron 

Posted Wednesday 18th June 2008 20:11 GMT

Black Helicopters

Exactly what I was thinking. Some sites go so far as to simply hash the username and password (I like to think a big site like Photobucket's smarter than this) into a cookie and just compare the hash every so often..

The fun part of that is that there's not really a way to tell for sure if cookiedata was taken until you get a copy of the source for the replacement page or what have you..

@Ron 

Posted Wednesday 18th June 2008 23:46 GMT

"No personal information? "

You beat me to the punch there,

And i thought i was a n00b,

who employs these people?

@All 

Posted Thursday 19th June 2008 08:07 GMT

IT Angle

You do realise El Reg includes such comments about "No personal information being stolen etc" are only included for our amusement.

How long......... 

Posted Thursday 19th June 2008 08:58 GMT

Happy

Before our Turkish friend is extridited to the USA to face criminal charges ?

Photobucket problem 

Posted Thursday 19th June 2008 14:12 GMT

I have been getting atspace.com when I request photobucket.com since Wed. June 18 about 4 a.m. PDT. It's now Thurs, 7 a.m. Before that, the same thing occurred from Tues. 2 p.m. to Wed. 2 a.m. Whatever they're doing is taking far longer than a few hours. My ISP is Comcast; I'm in Oakland, California.

What's the betting.. 

Posted Thursday 19th June 2008 14:34 GMT

Happy

..that the phrase "Pushti pezevenk" was in the message somewhere?