- Joined
- Aug 10, 2009
- Messages
- 697
These days it does not take a high level of sophistication to fake a photo. This is the Internet, and there are image filters, bots, etc. which present false content as real all the time. Unless you are meeting in person at a safe location, you are at the mercy of your level of trust of the person on the other side of the connection.
I don't doubt Spark regarding compromised accounts. Logs can only tell you so much. If there is no failed login attempt, you have no way of knowing who is accessing the account. Netflix is fighting this whole process now, about password sharing by their user base to get around paying more. Someone whose account was compromised could possibly have a keyboard logger running on their machine recording every keystroke without their knowledge. Bad guy grabs the logged data, uses the credentials to log into Bladeforums and we would be none the wiser. I don't think emailing yourself for every forum post is a great idea, because it would generate a ton of overhead. Maybe there is a way to notify you when your profile is changed by sending notice to the previous email and copying the new one?
Not everyone has background knowledge of how their computers operate, so there is a certain level of making the system easy to use to sell more hardware/software. My company makes us go through mandatory training on how not to fall prey to phishers, or people doing social engineering. On the other hand, there have been acquaintances who fell victim to an unsolicited call from "Microsoft", "the IRS", "Bank of", and someone half way around the world is doing things on their machine and installing who knows what after they let them in. When a lot of this infrastructure was designed there was no focus on security. Now that is coming back to bite us.
Again I say, thank you
Spark
for everything you do for Bladeforums.
I don't doubt Spark regarding compromised accounts. Logs can only tell you so much. If there is no failed login attempt, you have no way of knowing who is accessing the account. Netflix is fighting this whole process now, about password sharing by their user base to get around paying more. Someone whose account was compromised could possibly have a keyboard logger running on their machine recording every keystroke without their knowledge. Bad guy grabs the logged data, uses the credentials to log into Bladeforums and we would be none the wiser. I don't think emailing yourself for every forum post is a great idea, because it would generate a ton of overhead. Maybe there is a way to notify you when your profile is changed by sending notice to the previous email and copying the new one?
Not everyone has background knowledge of how their computers operate, so there is a certain level of making the system easy to use to sell more hardware/software. My company makes us go through mandatory training on how not to fall prey to phishers, or people doing social engineering. On the other hand, there have been acquaintances who fell victim to an unsolicited call from "Microsoft", "the IRS", "Bank of", and someone half way around the world is doing things on their machine and installing who knows what after they let them in. When a lot of this infrastructure was designed there was no focus on security. Now that is coming back to bite us.
Again I say, thank you
Spark
for everything you do for Bladeforums.