An Awkward Hacking Attempt? Turns out, No.

User avatar
Zoloft
Trustee
Posts: 13981
kołdry
Joined: Wed Mar 14, 2012 11:54 pm
Wikipedia User: Stanistani
Wikipedia Review Member: Zoloft
Actual Name: William Burns
Nom de plume: William Burns
Location: San Diego
Contact:

An Awkward Hacking Attempt? Turns out, No.

Unread post by Zoloft » Tue Aug 13, 2013 8:52 am

Yesterday, someone tried to reset the root password on our host account.

It didn't succeed, of course, but then (using the same IP) they tried to register a second account on the forum here.

They already had an account here. That would be a [finger quotes] "sock."

It was a fumbling, awkward series of moves, like a drunk frat boy trying unsuccessfully to remove his first brassiere.

:picard:

This sort of nonsense is fairly common.

It's just that this odd series of events was apparently performed by a sitting Wikipedia Arbcom member.

This is their notice that if they try such shenanigans again, I will inform the requisite authorities of the violation of law such intrusions represent.

The hosting company keeps accurate logs.

My avatar is sometimes indicative of my mood:
  • Actual mug ◄
  • Uncle Cornpone
  • Zoloft bouncy pill-thing


User avatar
lilburne
Habitué
Posts: 4446
Joined: Thu Mar 15, 2012 6:18 pm
Wikipedia User: Nastytroll
Wikipedia Review Member: Lilburne

Re: An Awkward Hacking Attempt

Unread post by lilburne » Tue Aug 13, 2013 9:33 am

NYB should be ashamed of himself.
They have been inserting little memes in everybody's mind
So Google's shills can shriek there whenever they're inclined

User avatar
Triptych
Retired
Posts: 1910
Joined: Thu Mar 14, 2013 12:35 am
Wikipedia User: it's alliterative

Re: An Awkward Hacking Attempt

Unread post by Triptych » Tue Aug 13, 2013 11:08 am

Zoloft wrote:Yesterday, someone tried to reset the root password on our host account. It didn't succeed, of course, but then (using the same IP) they tried to register a second account on the forum here. They already had an account here. That would be a [finger quotes] "sock." It was a fumbling, awkward series of moves, like a drunk frat boy trying unsuccessfully to remove his first brassiere.

This sort of nonsense is fairly common. It's just that this odd series of events was apparently performed by a sitting Wikipedia Arbcom member. This is their notice that if they try such shenanigans again, I will inform the requisite authorities of the violation of law such intrusions represent. The hosting company keeps accurate logs.
Wow. Socking is one thing but hacking is an unlawful activity, and depending on circumstances and practicality of prosecution can carry a term of imprisonment as penalty. I imagine you've triplechecked your data and assumptions, Zoloft. Tens of thousands of people can use a single IP, I think, but realistically at a moderately trafficked site like this, I'd suppose you can review logs and probe with your tools and get pretty solid level of confidence it's the same guy (and site member!) poking around. I can't believe whoever would've been stupid enough to hack from his regular home Internet connection?!

Humbly I'd suggest you challenge every assumption you have, triplecheck every datapoint, and invite the other sysops to review the incident. Times like these it'd be nice to have a checkuser on tap to run down the suspected Arbcom connection. It'd be indefensible for him or her to checkuser the Wikipedia account but perhaps fair game on the IP, given a tip-off that it's engaged in hacking and socking and believed to have a Wikipedia connection.

I'd like to see a front-page blog article on this, seems like it would get main-stream press attention, but I figure it'd be inherently difficult to get the high level of certainty needed. Again, wow.

PS: Nice work spotting and handling this event, Zoloft. It'd be a shame if someone got in and wiped out the database. I mean Wikipediocracy is not the Washington Post or Christian Science Monitor, but there've been some decent front page features, and even in the forum there's sometimes insightful and influential conversation amidst the chatter and routine.

Edited to insert postscript.
Triptych. A Live Journal I have under other pseudonym, w. email address: Tim Song Fan. My Arbcom Accountability Project: in German. In art.

User avatar
DanMurphy
Habitué
Posts: 3136
Joined: Sat Mar 17, 2012 11:58 pm
Wikipedia User: Dan Murphy
Wikipedia Review Member: DanMurphy

Re: An Awkward Hacking Attempt

Unread post by DanMurphy » Tue Aug 13, 2013 11:35 am

Zoloft wrote:Yesterday, someone tried to reset the root password on our host account.

It didn't succeed, of course, but then (using the same IP) they tried to register a second account on the forum here.

They already had an account here. That would be a [finger quotes] "sock."

It was a fumbling, awkward series of moves, like a drunk frat boy trying unsuccessfully to remove his first brassiere.

:picard:

This sort of nonsense is fairly common.

It's just that this odd series of events was apparently performed by a sitting Wikipedia Arbcom member.

This is their notice that if they try such shenanigans again, I will inform the requisite authorities of the violation of law such intrusions represent.

The hosting company keeps accurate logs.
You should bring it up with the appropriate authorities now. I'd name who you think it is too - otherwise too easy to dismiss as pot-stirring.

User avatar
Peter Damian
Habitué
Posts: 4201
Joined: Thu Mar 15, 2012 8:14 pm
Wikipedia User: Peter Damian
Wikipedia Review Member: Peter Damian
Location: London
Contact:

Re: An Awkward Hacking Attempt

Unread post by Peter Damian » Tue Aug 13, 2013 11:56 am

I raised this at the Trustees' forum. I wanted to understand whether it was malicious or accidental. It doesn't seem as though it was accidental. I mean, I don't know really what a root password is for an internet server, and I wouldn't have the faintest idea where to look for one. This suggests that anyone actively looking to change it must have had some idea what they were doing. But I'm not an expert.

There is no doubt about the identity of the arbitrator, I'll say that much.
οὐκ ἀγαθὸν πολυκοιρανίη: εἷς κοίρανος ἔστω

User avatar
HRIP7
Denizen
Posts: 6953
Joined: Thu Mar 15, 2012 2:05 am
Wikipedia User: Jayen466
Wikipedia Review Member: HRIP7
Actual Name: Andreas Kolbe
Location: UK

Re: An Awkward Hacking Attempt

Unread post by HRIP7 » Tue Aug 13, 2013 12:13 pm

lilburne wrote:NYB should be ashamed of himself.
It wasn't NYB.

Reaper Eternal
Contributor
Posts: 36
Joined: Thu Aug 23, 2012 3:57 pm
Wikipedia User: Reaper Eternal
Actual Name: Brian Phillips
Location: Ohio

Re: An Awkward Hacking Attempt

Unread post by Reaper Eternal » Tue Aug 13, 2013 12:23 pm

lilburne wrote:NYB should be ashamed of himself.
I don't think Newyorkbrad has the technical ability to perform such actions. Furthermore, he's a lawyer and would know what THAT would bring down on his head.
Peter Damian wrote:I wanted to understand whether it was malicious or accidental.
No way in hell it was accidental IMHO. Attempting to reset the password on another poster's account MIGHT be accidental due to auto-form-fill-screwups filling in the wrong account name. Attempted resetting of the host's password requires knowledge of where to look.
Zoloft wrote:It's just that this odd series of events was apparently performed by a sitting Wikipedia Arbcom member.
Are you sure? Pretty much anybody with the technical know-how to do it would know to use an open proxy, tor, or a VPN. Additionally, they'd know that resetting the password isn't going to work.
Last edited by Reaper Eternal on Tue Aug 13, 2013 12:26 pm, edited 1 time in total.

User avatar
Michaeldsuarez
Habitué
Posts: 1764
Joined: Sun Mar 18, 2012 2:10 am
Wikipedia User: Michaeldsuarez
Wikipedia Review Member: Michaeldsuarez
Location: New York, New York

Re: An Awkward Hacking Attempt

Unread post by Michaeldsuarez » Tue Aug 13, 2013 12:24 pm

Zoloft wrote:It's just that this odd series of events was apparently performed by a sitting Wikipedia Arbcom member.

This is their notice that if they try such shenanigans again, I will inform the requisite authorities of the violation of law such intrusions represent.
Have you contacted ArbCom directly about your suspicions? There aren't any guarantees that the Arbitrators that visit this forum will bring the matter up on their mailing lists.

turnedworm
Critic
Posts: 294
Joined: Sat May 05, 2012 8:07 am
Wikipedia User: Worm That Turned
Actual Name: Dave Craven

Re: An Awkward Hacking Attempt

Unread post by turnedworm » Tue Aug 13, 2013 12:29 pm

I sent Zoloft the following PM when I first saw this post. Based on the further comments in this thread, i'll say it again here.
Given that NYB and I are the only two (to the best of my knowledge) sitting arbcom members who use Wikipediocracy, and the respect that I have NYB - I'm going to guess that you're pointing the finger at me.

I have no knowledge of the events you are describing, I did not perform them. What's more, I do not know how or where you could try to reset the rooot password on your host account.

If it is indeed me that you believe is the culprit, I would ask that you not "hold off", but instead go ahead and take the action that you mention.

Dave

Hex
Retired
Posts: 4130
Joined: Thu Nov 01, 2012 1:40 pm
Wikipedia User: Scott
Location: London
Contact:

Re: An Awkward Hacking Attempt

Unread post by Hex » Tue Aug 13, 2013 12:41 pm

Just when you thought you were running short on :popcorn:...
My question, to this esteemed Wiki community, is this: Do you think that a Wiki could successfully generate a useful encyclopedia? -- JimboWales
Yes, but in the end it wouldn't be an encyclopedia. It would be a wiki. -- WardCunningham (Jan 2001)

User avatar
Michaeldsuarez
Habitué
Posts: 1764
Joined: Sun Mar 18, 2012 2:10 am
Wikipedia User: Michaeldsuarez
Wikipedia Review Member: Michaeldsuarez
Location: New York, New York

Re: An Awkward Hacking Attempt

Unread post by Michaeldsuarez » Tue Aug 13, 2013 12:42 pm

turnedworm wrote:I sent Zoloft the following PM when I first saw this post. Based on the further comments in this thread, i'll say it again here.
Given that NYB and I are the only two (to the best of my knowledge) sitting arbcom members who use Wikipediocracy, and the respect that I have NYB - I'm going to guess that you're pointing the finger at me.

I have no knowledge of the events you are describing, I did not perform them. What's more, I do not know how or where you could try to reset the rooot password on your host account.

If it is indeed me that you believe is the culprit, I would ask that you not "hold off", but instead go ahead and take the action that you mention.

Dave
Newyorkbrad and you aren't the only Arbitrators here. I recall AGK posting here in this forums' early days. There might be more, but I don't recall.

I'm not sure what evidence Zololf is basing his suspicions on (Email address from the account creation attempt?), but I find the idea that an Arbitrator would do this hard to believe.

User avatar
lilburne
Habitué
Posts: 4446
Joined: Thu Mar 15, 2012 6:18 pm
Wikipedia User: Nastytroll
Wikipedia Review Member: Lilburne

Re: An Awkward Hacking Attempt

Unread post by lilburne » Tue Aug 13, 2013 1:02 pm

HRIP7 wrote:
lilburne wrote:NYB should be ashamed of himself.
It wasn't NYB.
It was a fumbling, awkward series of moves, like a drunk frat boy trying unsuccessfully to remove his first brassiere.
Ah I misread.
They have been inserting little memes in everybody's mind
So Google's shills can shriek there whenever they're inclined

User avatar
Triptych
Retired
Posts: 1910
Joined: Thu Mar 14, 2013 12:35 am
Wikipedia User: it's alliterative

Re: An Awkward Hacking Attempt

Unread post by Triptych » Tue Aug 13, 2013 1:18 pm

Michaeldsuarez wrote:
turnedworm wrote:I sent Zoloft the following PM when I first saw this post. Based on the further comments in this thread, i'll say it again here.
Given that NYB and I are the only two (to the best of my knowledge) sitting arbcom members who use Wikipediocracy...
Newyorkbrad and you aren't the only Arbitrators here. I recall AGK posting here in this forums' early days. There might be more, but I don't recall. I'm not sure what evidence Zololf is basing his suspicions on (Email address from the account creation attempt?), but I find the idea that an Arbitrator would do this hard to believe.
I read AGK was in Hong Kong at Wikimania 2013 living the high life on the charity's dime with Sue Gardner and Oliver Keyes, breaking only to cast the final "save Oliver" vote in his and Kiefer's arbitration. Wikimania ended Sunday, and AGK couldn't really have returned by yesterday (Monday) could he? Lilburne's first comment re: NYB was so absurd a prospect that I took it as humor. Wormthatturned has just issued a public and unequivocal denial. There could be yet other arbs with accounts here.

I love a good whodunnit, and I think the thread is within the limits of propriety right now, but I caution the good people behind Wikipediocracy to avoid a direct statement of hacking against an other-than-merely-pseudonymous arbitrator, because I believe that would be an allegation of criminality. That is, unless you have a good faith and reasoned belief to do that.
Triptych. A Live Journal I have under other pseudonym, w. email address: Tim Song Fan. My Arbcom Accountability Project: in German. In art.

User avatar
Tarc
Habitué
Posts: 1568
Joined: Sun Mar 18, 2012 1:31 am
Wikipedia User: Tarc

Re: An Awkward Hacking Attempt

Unread post by Tarc » Tue Aug 13, 2013 1:18 pm

Zoloft wrote:Yesterday, someone tried to reset the root password on our host account.
What do you mean by this, exactly? The root of your own (presumably some flavor of unix) server on which this resides? Or did they click the "Forgot password" link on the support site, i.e. this ?

If it's the latter, that may be on a bit shakier grounds irt "hacking", if the authorities get involved.
"The world needs bad men. We keep the other bad men from the door."

User avatar
lilburne
Habitué
Posts: 4446
Joined: Thu Mar 15, 2012 6:18 pm
Wikipedia User: Nastytroll
Wikipedia Review Member: Lilburne

Re: An Awkward Hacking Attempt

Unread post by lilburne » Tue Aug 13, 2013 1:33 pm

I take it that when Z says host account he's not talking about the phpBB or wordpress apps but fastdomain account.
They have been inserting little memes in everybody's mind
So Google's shills can shriek there whenever they're inclined

dogbiscuit
Retired
Posts: 2723
Joined: Wed Mar 14, 2012 11:32 pm
Wikipedia User: tiucsibgod

Re: An Awkward Hacking Attempt

Unread post by dogbiscuit » Tue Aug 13, 2013 1:37 pm

Tarc wrote:
Zoloft wrote:Yesterday, someone tried to reset the root password on our host account.
What do you mean by this, exactly? The root of your own (presumably some flavor of unix) server on which this resides? Or did they click the "Forgot password" link on the support site, i.e. this ?

If it's the latter, that may be on a bit shakier grounds irt "hacking", if the authorities get involved.
As the speculation isn't helpful let's be clear what the events were.

1) We got the standard security email along the lines of "Someone has tried to change the password for the hosting package".
2) Zoloft was able to tie that via the IP address used to a new account request named obviously as related to the old account.
3) The old account was then able to log in at about the same time.

I am inclined to the thought that there was a confusion that led to trying to reset the password rather than a deliberate hacking attempt, as there wasn't any attempt at disguising the user. However, there are other possibilities (compromised account, stupidity, maliciousness). We were just surprised that if someone fell down the rabbit hole and found themselves at the door, trying to force the door is inappropriate (though I can understand rattling the door handle out of curiosity).

The point of Zoloft's post is that if someone was having some bright idea, they have been warned off, but as mentioned, it is not exactly clear and we should not put down to maliciousness what can easily be explained by beer or incompetence. :evilgrin:
Time for a new signature.

Hex
Retired
Posts: 4130
Joined: Thu Nov 01, 2012 1:40 pm
Wikipedia User: Scott
Location: London
Contact:

Re: An Awkward Hacking Attempt

Unread post by Hex » Tue Aug 13, 2013 2:54 pm

That sounds like massive technology skills failure to me, rather than an attempt at hacking. Particularly because of the "named obviously as related to the old account".
My question, to this esteemed Wiki community, is this: Do you think that a Wiki could successfully generate a useful encyclopedia? -- JimboWales
Yes, but in the end it wouldn't be an encyclopedia. It would be a wiki. -- WardCunningham (Jan 2001)

User avatar
Captain Occam
Gregarious
Posts: 886
Joined: Sun Nov 11, 2012 12:08 am

Re: An Awkward Hacking Attempt

Unread post by Captain Occam » Tue Aug 13, 2013 3:07 pm

As someone who was hacked multiple times several years ago, and knew exactly who was doing it, I have to say it isn't very likely you'd be able to get the authorities to prosecute whoever was responsible for this. When I tried to do that in my own case, what I learned is that any offense that's committed across state lines falls under FBI jurisdiction, but the FBI doesn't have the resources to investigate any attack that causes less than $5000 worth of damage. That was in 2005, but I don't imagine this is likely to have changed since then.

Another thing you can do is report them to their ISP, but ISPs won't typically take action about things like this unless they have a string of complaints from multiple sources about a single customer.

If the perpetrator really is a member of ArbCom, and you determine that it really was an actual attempt at hacking, I think the best thing you can do is publicize the identity of who was responsible. It's going to be a major embarrassment for someone in a position of authority to have it revealed they were doing this.

dogbiscuit
Retired
Posts: 2723
Joined: Wed Mar 14, 2012 11:32 pm
Wikipedia User: tiucsibgod

Re: An Awkward Hacking Attempt

Unread post by dogbiscuit » Tue Aug 13, 2013 3:41 pm

Captain Occam wrote:If the perpetrator really is a member of ArbCom, and you determine that it really was an actual attempt at hacking, I think the best thing you can do is publicize the identity of who was responsible. It's going to be a major embarrassment for someone in a position of authority to have it revealed they were doing this.
As I said, it isn't really clear whether this was incompetence or otherwise, so we are awaiting an explanation. It might have been better to await the explanation (or failure to explain) before posting this thread in retrospect, consider it an irritated outburst for now.
Time for a new signature.

User avatar
The Devil's Advocate
Habitué
Posts: 1906
Joined: Thu Jun 14, 2012 12:19 am
Wikipedia User: The Devil's Advocate

Re: An Awkward Hacking Attempt

Unread post by The Devil's Advocate » Tue Aug 13, 2013 4:03 pm

Michaeldsuarez wrote:Newyorkbrad and you aren't the only Arbitrators here. I recall AGK posting here in this forums' early days. There might be more, but I don't recall.
Kirill also has an account here, though he hasn't used it. NuclearWarfare has an account and made one post.

"For those who stubbornly seek freedom around the world, there can be no more urgent task than to come to understand the mechanisms and practices of indoctrination."

- Noam Chomsky


User avatar
Moonage Daydream
Habitué
Posts: 1855
Joined: Tue Mar 20, 2012 12:41 pm

Re: An Awkward Hacking Attempt

Unread post by Moonage Daydream » Tue Aug 13, 2013 4:30 pm

Why do drunk frat boys put on brassieres in the first place if they have trouble getting them off? Is it a rite of passage?

User avatar
Midsize Jake
Site Admin
Posts: 9872
Joined: Mon Mar 19, 2012 11:10 pm
Wikipedia Review Member: Somey

Re: An Awkward Hacking Attempt

Unread post by Midsize Jake » Tue Aug 13, 2013 4:45 pm

Moonage Daydream wrote:Why do drunk frat boys put on brassieres in the first place if they have trouble getting them off? Is it a rite of passage?
It's mutual assurance of trust. The initiate puts on the brassiere to show that he trusts the other frat boys not to put video of him wearing the brassiere on Youtube. Likewise, the other frat boys know they can trust him, because he's demonstrated his trust in them, and of course they wouldn't hesitate to put the video on Youtube if the initiate were to betray the frat in any way whatsoever. As for being unable to get the brassiere off, that's mostly due to the fact that frat boys are idiots.

User avatar
Michaeldsuarez
Habitué
Posts: 1764
Joined: Sun Mar 18, 2012 2:10 am
Wikipedia User: Michaeldsuarez
Wikipedia Review Member: Michaeldsuarez
Location: New York, New York

Re: An Awkward Hacking Attempt

Unread post by Michaeldsuarez » Tue Aug 13, 2013 4:54 pm

Triptych wrote:
Michaeldsuarez wrote:
turnedworm wrote:I sent Zoloft the following PM when I first saw this post. Based on the further comments in this thread, i'll say it again here.
Given that NYB and I are the only two (to the best of my knowledge) sitting arbcom members who use Wikipediocracy...
Newyorkbrad and you aren't the only Arbitrators here. I recall AGK posting here in this forums' early days. There might be more, but I don't recall. I'm not sure what evidence Zololf is basing his suspicions on (Email address from the account creation attempt?), but I find the idea that an Arbitrator would do this hard to believe.
I read AGK was in Hong Kong at Wikimania 2013 living the high life on the charity's dime with Sue Gardner and Oliver Keyes, breaking only to cast the final "save Oliver" vote in his and Kiefer's arbitration. Wikimania ended Sunday, and AGK couldn't really have returned by yesterday (Monday) could he?
I wasn't saying that it was AGK. I was just telling turnedworm that he or she and Newyorkbrad aren't the only two Arbitrators who have posted here in the past.
Last edited by Michaeldsuarez on Tue Aug 13, 2013 5:00 pm, edited 1 time in total.

User avatar
Zoloft
Trustee
Posts: 13981
Joined: Wed Mar 14, 2012 11:54 pm
Wikipedia User: Stanistani
Wikipedia Review Member: Zoloft
Actual Name: William Burns
Nom de plume: William Burns
Location: San Diego
Contact:

Re: An Awkward Hacking Attempt

Unread post by Zoloft » Tue Aug 13, 2013 4:56 pm

The person involved has contacted us via our support email.
I will report more details here in a little while.

My avatar is sometimes indicative of my mood:
  • Actual mug ◄
  • Uncle Cornpone
  • Zoloft bouncy pill-thing


User avatar
TungstenCarbide
Habitué
Posts: 2592
Joined: Thu Apr 05, 2012 1:51 am
Wikipedia User: TungstenCarbide
Wikipedia Review Member: TungstenCarbide

Re: An Awkward Hacking Attempt

Unread post by TungstenCarbide » Tue Aug 13, 2013 5:01 pm

Midsize Jake wrote:... that's mostly due to the fact that frat boys are idiots.
Hahaha ... true for most young men, not just frat boys.
Gone hiking. also, beware of women with crazy head gear and a dagger.

User avatar
Vigilant
Sonny, I've got a whole theme park full of red delights for you.
Posts: 31484
Joined: Thu Mar 29, 2012 8:16 pm
Wikipedia User: Vigilant
Wikipedia Review Member: Vigilant

Re: An Awkward Hacking Attempt

Unread post by Vigilant » Tue Aug 13, 2013 5:41 pm

TungstenCarbide wrote:
Midsize Jake wrote:... that's mostly due to the fact that frat boys are idiots.
Hahaha ... true for most young men, not just frat boys.
Young?
Hello, John. John, hello. You're the one soul I would come up here to collect myself.

User avatar
Zoloft
Trustee
Posts: 13981
Joined: Wed Mar 14, 2012 11:54 pm
Wikipedia User: Stanistani
Wikipedia Review Member: Zoloft
Actual Name: William Burns
Nom de plume: William Burns
Location: San Diego
Contact:

Re: An Awkward Hacking Attempt

Unread post by Zoloft » Tue Aug 13, 2013 7:07 pm

Hex wrote:That sounds like massive technology skills failure to me, rather than an attempt at hacking. Particularly because of the "named obviously as related to the old account".
The Arbitrator (no need to smudge him further) admitted to going to our server host, entering the domain name, and clicking on 'change password.'

The password change confirmation was sent to our admin email.

I can't see any reason to do that, but he claims he thought that was how you changed your forum password. He expected another dialog box asking for his account name.

<_<

Why didn't he just ask for help? Because he doesn't trust us.

I have given the member a new password and details on how to use the reset and password recovery features in the forum.

Because I do trust him.

Changing the topic title a bit to reflect reality.

My avatar is sometimes indicative of my mood:
  • Actual mug ◄
  • Uncle Cornpone
  • Zoloft bouncy pill-thing


User avatar
greybeard
Habitué
Posts: 1364
Joined: Wed Mar 14, 2012 11:21 pm

Re: An Awkward Hacking Attempt

Unread post by greybeard » Tue Aug 13, 2013 7:10 pm

Zoloft wrote: I have given the member a new password and details on how to use the reset and password recovery features in the forum.

Because I do trust him.
:facepalm: Did you read him his Carmen Miranda rights first?

Seriously, though, it's another example with Wikipedia where you can't decide whether they are idiots first and douchebags second, or the other way around.

User avatar
Triptych
Retired
Posts: 1910
Joined: Thu Mar 14, 2013 12:35 am
Wikipedia User: it's alliterative

Re: An Awkward Hacking Attempt

Unread post by Triptych » Tue Aug 13, 2013 7:20 pm

Zoloft wrote: The Arbitrator (no need to smudge him further) admitted to going to our server host, entering the domain name, and clicking on 'change password.' The password change confirmation was sent to our admin email. I can't see any reason to do that, but he claims he thought that was how you changed your forum password. He expected another dialog box asking for his account name.
Bravo to the arb for addressing this alarming matter head on. I don't know what the particular screen looked like, or how he happened to get there, but when one has sixteen windows open or whatever, and one's attention is distracted, it seems plausible enough to me.

Because he wasn't named, the arbitrator was not "smudged." Perhaps Arbcom generally was smudged, but how could one tell? It's a smudgery already.
Triptych. A Live Journal I have under other pseudonym, w. email address: Tim Song Fan. My Arbcom Accountability Project: in German. In art.

User avatar
Moonage Daydream
Habitué
Posts: 1855
Joined: Tue Mar 20, 2012 12:41 pm

Re: An Awkward Hacking Attempt

Unread post by Moonage Daydream » Tue Aug 13, 2013 7:52 pm

Zoloft wrote:
Hex wrote:That sounds like massive technology skills failure to me, rather than an attempt at hacking. Particularly because of the "named obviously as related to the old account".
The Arbitrator (no need to smudge him further) admitted to going to our server host, entering the domain name, and clicking on 'change password.'

The password change confirmation was sent to our admin email.

I can't see any reason to do that, but he claims he thought that was how you changed your forum password. He expected another dialog box asking for his account name.

<_<

Why didn't he just ask for help? Because he doesn't trust us.

I have given the member a new password and details on how to use the reset and password recovery features in the forum.

Because I do trust him.

Changing the topic title a bit to reflect reality.
Sounds plausible. Glad this got sorted out before it became messy.

User avatar
Captain Occam
Gregarious
Posts: 886
Joined: Sun Nov 11, 2012 12:08 am

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Captain Occam » Tue Aug 13, 2013 8:28 pm

Even now that we've learned this apparently wasn't malicious, I still think it might be beneficial for the Wikipedia community to know who it was, because not knowing how to reset one's password on a forum shows a lot of naivety about web-based software. By being trusted with the checkuser tool, and being given the responsibility to determine which account are and aren't sockpuppets, arbitrators are expected to have a certain level of technical knowledge. From what I've heard, making correct judgements using checkuser requires considerably more technical skill than resetting a forum password. If a member of ArbCom honestly didn't know how to do the latter, I think maybe the Wikipedia community should have the opportunity to make a judgement about whether the same person should be trusted to do the former.

User avatar
lilburne
Habitué
Posts: 4446
Joined: Thu Mar 15, 2012 6:18 pm
Wikipedia User: Nastytroll
Wikipedia Review Member: Lilburne

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by lilburne » Tue Aug 13, 2013 9:15 pm

It takes a certain amount of technical nouse to track down a websites hosting service.
Last edited by lilburne on Tue Aug 13, 2013 9:25 pm, edited 2 times in total.
They have been inserting little memes in everybody's mind
So Google's shills can shriek there whenever they're inclined

Anroth
Nice Scum
Posts: 3034
Joined: Thu May 24, 2012 3:51 pm

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Anroth » Tue Aug 13, 2013 9:24 pm

Bollocks.

No way anyone even halfway competant gets to the server host domain password reset page by accident. It would be difficult for a non techie to do it in ignorance. How did they find the page? Its hardly easy to find. There is no way anyone trusted with the technical tools and access to restricted info on enwp would make that mistake.

So yes, bollocks. Report it to the relevant authorities, forget about it after that. AGF does not mean you are blind and dumb.

-edit- I see lilburne pipped me to it. Remember quite a few people on this forum are far more than tech-literate, as an ex sysadmin, attacks on the server where you can identify the culprits are not tolerated. Seriously, they went with they thought they were changing their forum password? Pah!
Last edited by Anroth on Tue Aug 13, 2013 9:31 pm, edited 1 time in total.

User avatar
Midsize Jake
Site Admin
Posts: 9872
Joined: Mon Mar 19, 2012 11:10 pm
Wikipedia Review Member: Somey

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Midsize Jake » Tue Aug 13, 2013 9:25 pm

lilburne wrote:It takes a certain amount of technical nounce to track down a websites hosting service.
Not if you've been getting lots of e-mails from other Wikipedians that "helpfully suggest" who to contact when you want to file a spurious legal complaint...? :dry:

User avatar
Peter Damian
Habitué
Posts: 4201
Joined: Thu Mar 15, 2012 8:14 pm
Wikipedia User: Peter Damian
Wikipedia Review Member: Peter Damian
Location: London
Contact:

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Peter Damian » Tue Aug 13, 2013 9:30 pm

Anroth wrote:Bollocks.

No way anyone even halfway competant gets to the server host domain password reset page by accident. It would be difficult for a non techie to do it in ignorance. How did they find the page? Its hardly easy to find. There is no way anyone trusted with the technical tools and access to restricted info on enwp would make that mistake.

So yes, bollocks. Report it to the relevant authorities, forget about it after that. AGF does not mean you are blind and dumb.

-edit- I see lilburne pipped me to it. Remember quite a few people on this forum are far more than tech-literate, as an ex sysadmin, attacks on the server where you can identify the culprits are not tolerated. Seriously, they went with they thought they were changing their forum password? Pah!
The explanation was plausible to me at least. Putting in http://wikipediocracy.com/controlpanel redirects you here https://my.bluehost.com/cgi/account/cpanel?goto_uri=/ . The subdirectory 'controlpanel' is apparently standard on some other boards.

Perhaps it should have been clear at this point that they had reached the page of the host, not of the website, but perhaps they failed to notice due to stress at having lost the password.

If you then click ‘forgot password’ it takes you to this https://my.bluehost.com/cgi/forgot , which also identifies the page as belonging to the host, not the website. If you go any further (please don't as the moderators will be cross with me) it emails the administrator account at Wikipediocracy.
Last edited by Peter Damian on Tue Aug 13, 2013 9:31 pm, edited 1 time in total.
οὐκ ἀγαθὸν πολυκοιρανίη: εἷς κοίρανος ἔστω

User avatar
lilburne
Habitué
Posts: 4446
Joined: Thu Mar 15, 2012 6:18 pm
Wikipedia User: Nastytroll
Wikipedia Review Member: Lilburne

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by lilburne » Tue Aug 13, 2013 9:31 pm

Midsize Jake wrote:
lilburne wrote:It takes a certain amount of technical nounce to track down a websites hosting service.
Not if you've been getting lots of e-mails from other Wikipedians that "helpfully suggest" who to contact when you want to file a spurious legal complaint...? :dry:
Hmmm cant see a reset password link next to login I'm trying to make. Search emails for hosting site, navigate through that to find link to reset another password. We should be glad he didn't go of and try to reset the root password for the internet.
They have been inserting little memes in everybody's mind
So Google's shills can shriek there whenever they're inclined

Anroth
Nice Scum
Posts: 3034
Joined: Thu May 24, 2012 3:51 pm

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Anroth » Tue Aug 13, 2013 9:46 pm

Peter Damian wrote:The explanation was plausible to me at least. Putting in http://wikipediocracy.com/controlpanel redirects you here https://my.bluehost.com/cgi/account/cpanel?goto_uri=/ . The subdirectory 'controlpanel' is apparently standard on some other boards.
Still not buying it. Controlpanel is standard yes, but its standard for admin tools. Not user level. Also this is basically a stock forum, half the people here who have admin'd on similar forums could navigate it blindfolded.

User avatar
Moonage Daydream
Habitué
Posts: 1855
Joined: Tue Mar 20, 2012 12:41 pm

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Moonage Daydream » Tue Aug 13, 2013 10:00 pm

Anroth wrote:
Peter Damian wrote:The explanation was plausible to me at least. Putting in http://wikipediocracy.com/controlpanel redirects you here https://my.bluehost.com/cgi/account/cpanel?goto_uri=/ . The subdirectory 'controlpanel' is apparently standard on some other boards.
Still not buying it. Controlpanel is standard yes, but its standard for admin tools. Not user level. Also this is basically a stock forum, half the people here who have admin'd on similar forums could navigate it blindfolded.
So they are technically competent enough to know that it was the hosting control panel but at the same time they are so technically incompetent they thought that they could "hack" the server by clicking a link? There was no harm done. They've offered a plausible explanation. Let's leave it there instead of making into something that it isn't.
Last edited by Moonage Daydream on Tue Aug 13, 2013 10:02 pm, edited 1 time in total.

User avatar
Zoloft
Trustee
Posts: 13981
Joined: Wed Mar 14, 2012 11:54 pm
Wikipedia User: Stanistani
Wikipedia Review Member: Zoloft
Actual Name: William Burns
Nom de plume: William Burns
Location: San Diego
Contact:

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Zoloft » Tue Aug 13, 2013 10:01 pm

Once again, for people who need help with the forum or the blog or the wiki, our support is available at:

support @ wikipediocracy . com

Just remove the spaces.

My avatar is sometimes indicative of my mood:
  • Actual mug ◄
  • Uncle Cornpone
  • Zoloft bouncy pill-thing


User avatar
thekohser
Majordomo
Posts: 13406
Joined: Thu Mar 15, 2012 5:07 pm
Wikipedia User: Thekohser
Wikipedia Review Member: thekohser
Actual Name: Gregory Kohs
Location: United States
Contact:

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by thekohser » Tue Aug 13, 2013 10:20 pm

Moonage Daydream wrote:They've offered a plausible explanation.
Yes, agreed. They forgot their password on a site where they are too afraid of contacting the hosts to get the password reset. Typical hare-brained, clumsy, doddering muckety-muck who is perfectly suited to arbitrate Wikipedia's most difficult user cases.
"...making nonsensical connections and culminating in feigned surprise, since 2006..."

User avatar
Zoloft
Trustee
Posts: 13981
Joined: Wed Mar 14, 2012 11:54 pm
Wikipedia User: Stanistani
Wikipedia Review Member: Zoloft
Actual Name: William Burns
Nom de plume: William Burns
Location: San Diego
Contact:

Re: An Awkward Hacking Attempt? Turns out, No.

Unread post by Zoloft » Tue Aug 13, 2013 11:50 pm

I think we're pretty much done here.

If you believe you need to add more, PM me.

:lock:

My avatar is sometimes indicative of my mood:
  • Actual mug ◄
  • Uncle Cornpone
  • Zoloft bouncy pill-thing


Locked