glyphstrip FAQ button
Halo.bungie.org
glyphstrip
Frequently Asked Forum Questions
 Search the HBO News Archives

Any All Exact 
Search the Halo Updates DBs

Halo Halo2 
Search Older Posts on This Forum:
Posts on Current Forum | Archived Posts


Re: If you're contacted by Louis Wu on LIVE...
Posted By: Louis Wu <halo@bungie.org>Date: 9/29/08 7:11 a.m.

In Response To: Re: If you're contacted by Louis Wu on LIVE... (The Handmade Hero)


: I just looked up "how to steal xbox 360 account" on youtube.com out
: of curiosity and a crapload of Tutorials showed up!!! Shouldn't microsoft
: do something about that?!

This one's pretty funny:

http://www.youtube.com/watch?v=oeNydYfNLrc

Basically "Send us your gamertag and password, and we'll send you to a page that lets you steal gamertags."

I wonder how many suckers fell for it?

This one bothers me a little more:

http://www.youtube.com/watch?v=diUmRTgZM-w

I don't know if it works or not, but it's certainly feasible; many automated systems have ways for admins to process things via email, and the only protection is an obscure password. If that password is discovered (or revealed by a disgruntled ex-employee, or something), the system is completely compromised, until someone fixes it. This might NEVER have worked, or it might have worked until someone noticed this YouTube vid... or it might still work today. There's really no way to tell without trying it out. (And if it's been locked down, trying it out might very well mean losing YOUR valid gold account that you used to activate the system.)

Bottom line - the system is not infallible. Nobody guessed my password (though I'm really, really, REALLY happy that my XBL password is not used anywhere else at the moment) - they either socially-engineered the info out of a tech, or they fooled an automated system. Either way, they got info in ways that I am powerless to stop.

A few people have suggested that once the account is recovered, I ask for a telephone password to be put on, before any info will be changed over the phone. That 's certainly worth a shot. (Won't stop the back-door stuff like that video above, if anything like that actually exists... but it'll slow down the social engineering.)

Message Index



Replies:

If you're contacted by Louis Wu on LIVE...Louis Wu 9/28/08 9:20 p.m.
     Re: If you're contacted by Louis Wu on LIVE...odmichael 9/28/08 9:28 p.m.
           You, good sir, are a hero. *NM*Ross Mills 9/29/08 5:24 a.m.
     Re: If you're contacted by Louis Wu on LIVE...HaloMarine117 9/28/08 9:32 p.m.
     Re: If you're contacted by Louis Wu on LIVE...Pkmnrulz240 9/28/08 9:33 p.m.
           Re: If you're contacted by Louis Wu on LIVE...zugy 9/28/08 9:53 p.m.
                 Re: If you're contacted by Louis Wu on LIVE...Pkmnrulz240 9/28/08 10:17 p.m.
                       Re: If you're contacted by Louis Wu on LIVE...Louis Wu 9/29/08 6:55 a.m.
     Re: If you're contacted by Louis Wu on LIVE...Avateur 9/28/08 9:57 p.m.
           Re: If you're contacted by Louis Wu on LIVE...Hunt3r 9/28/08 10:34 p.m.
                 Re: If you're contacted by Louis Wu on LIVE...Avateur 9/28/08 11:04 p.m.
                       Re: If you're contacted by Louis Wu on LIVE...Hunt3r 9/28/08 11:57 p.m.
                             You would want to be on Bill Gates'? *NM*JeSteR 343 9/29/08 7:38 a.m.
                                   You aren't on Bill Gates'? =p *NM*evildoctorwill 9/29/08 7:47 a.m.
     Re: If you're contacted by Louis Wu on LIVE...Sep7imus [subnova] 9/28/08 10:05 p.m.
     Re: If you're contacted by Louis Wu on LIVE...urk 9/28/08 10:12 p.m.
     Re: If you're contacted by Louis Wu on LIVE...Jason Neal 9/29/08 12:12 a.m.
     Re: Does this mean...Devin Olsen 9/29/08 12:27 a.m.
           Re: Does this mean...Ross Mills 9/29/08 5:23 a.m.
     Re: If you're contacted by Louis Wu on LIVE...The Handmade Hero 9/29/08 1:59 a.m.
           Re: If you're contacted by Louis Wu on LIVE...xmoosev3 9/29/08 2:26 a.m.
           Re: If you're contacted by Louis Wu on LIVE...Louis Wu 9/29/08 7:11 a.m.
                 Re: If you're contacted by Louis Wu on LIVE...pete_the_duck 9/29/08 7:21 a.m.
                       Re: If you're contacted by Louis Wu on LIVE...Louis Wu 9/29/08 7:26 a.m.
                 Re: If you're contacted by Louis Wu on LIVE...Ross Mills 9/29/08 7:26 a.m.
                 Posting those links probably isn't a good idea...Vandle Valsher 9/29/08 7:33 a.m.
                       Re: Posting those links probably isn't a good ideaRoss Mills 9/29/08 8:08 a.m.
                       Re: Posting those links probably isn't a good ideaLouis Wu 9/29/08 8:10 a.m.
                 Erm...to me, it looks like the second one...GatchamanUK 9/29/08 11:02 a.m.
                       Re: Erm...to me, it looks like the second one...Louis Wu 9/29/08 12:07 p.m.
     Re: If you're contacted by Louis Wu on LIVE...BlueNinja 9/29/08 10:42 a.m.
           Re: If you're contacted by Louis Wu on LIVE...The Handmade Hero 9/29/08 12:26 p.m.
                 Re: If you're contacted by Louis Wu on LIVE...Louis Wu 9/29/08 12:33 p.m.
     Re: If you're contacted by Louis Wu on LIVE...Miguel Chavez 9/29/08 12:01 p.m.
           No, that was me. *NM*Louis Wu 9/29/08 12:08 p.m.
     Re: If you're contacted by Louis Wu on LIVE...SonofMacPhisto 9/29/08 1:03 p.m.
     I think I know who it isGhost Faction 9/29/08 1:15 p.m.
           WOWThe Handmade Hero 9/29/08 1:55 p.m.
                 Re: WOWSchedonnardus 9/29/08 3:27 p.m.
                       *Ninjas deployed* *NM*SonofMacPhisto 9/29/08 4:29 p.m.
           Re: I think I know who it isFirestorm12 9/29/08 6:12 p.m.
                 Re: I think I know who it isLouis Wu 9/29/08 6:38 p.m.
                       PWNED.My7hos 9/29/08 6:41 p.m.
                             Re: PWNED.Louis Wu 9/29/08 6:43 p.m.
                                   Re: PWNED.My7hos 9/29/08 7:00 p.m.
                                         Re: PWNED.Avateur 9/29/08 7:19 p.m.
                                         Re: PWNED.sonofmacphisto 9/30/08 6:46 p.m.
                                               Got it back.Louis Wu 9/30/08 6:51 p.m.
                                                     HUZZAH! :-D *NM*sonofmacphisto 9/30/08 8:03 p.m.
                                                     Congrats & welcome back! *NM*Anton P. Nym (aka Steve) 9/30/08 8:58 p.m.
                                                     Re: Got it back.Ghost Faction 9/30/08 11:20 p.m.
                                                     ExcellentRoss Mills 10/1/08 5:53 a.m.
                                                           Re: ExcellentLouis Wu 10/1/08 7:28 a.m.
                                                                 Awesome! :D *NM*My7hos 10/1/08 10:09 a.m.
                                                     Hooray!mendicantbias00 10/2/08 8:42 a.m.
                                                     Re: Got it back.Sep7imus [subnova] 10/2/08 9:19 a.m.
                                                           Re: Got it back.Louis Wu 10/2/08 9:23 a.m.
     Re: If you're contacted by Louis Wu on LIVE...BerserkerBarage 9/29/08 6:18 p.m.
     Re: If you're contacted by Louis Wu on LIVE...A Ghostly NINJA 9/29/08 9:30 p.m.



contact us

The HBO Forum Archive is maintained with WebBBS 4.33.