Quote:
Originally Posted by mike134
Im just curious, NATS stores user account information to the websites under the programs run by NATS? I thought everything was run on the program owners server, and it would only check back with nats servers for maybe a license check or something.
|
No, NATS does not store personal client stuff like that in the TMM database, but prior to this there was a a security problem:
The NATS admin password (the account/password they use to verify/modify your setup) was stored on their servers. Their servers were allegedly hacked and the password for many installs got into the wrong hands. This meant the miscreants could at will and automatically poll many nats installs for things over the web, like email addresses and stats etc.
Once TMM were made aware of this fact and things became known on the boards of what had happened, the security hole responsible was found and subsequently closed in all installs of NATS.
Hats off to TMM for closing the breach once the security hole became public - the problem lies in people/person (there were many, but one went too far), that tried to use this knowledge and run into the clouds to try and create a smoking gun situation.
In any case, this security hole no longer exists and all installations have been patched to prevent future re-occurrences.
Hope this clarifies
--
edit to add
this is like any single 3rd party software install.... nothing in the world in computing is safe - as soon as you have many installs of a 3rd party software, adn that software is the leader, you will always have someone trying to find security holes in it to exploit. Just ask Microsfot how this feels....
If you want security-free software, design your own that no-one knows the source to and you *may* be relatively free from problems. Desing that software badly though and you'll be worse off!!