could someone write a text explaining the NATS issue correctly

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • TTiger
    Confirmed User
    • Mar 2002
    • 3030

    #1

    could someone write a text explaining the NATS issue correctly

    experiment guys we need your help to explain to the world whats is really happening with NATS (maybe a stick it post with a regular guy keeping us informed on the story))
    so we could spread it to digg, slashdot etc..

    which issue is right and which is wrong..
    what's really happening whats is real and what's false
    because i have to admit they're a lot of thread on the subject and i don't understand all the issue ..
    what's should i do as an affiliated? i've sign up with like 100 programs using NATS should i reset all these account? please tell me no

    thank you for reading
    sorry for my bad english
  • spacedog
    Yes that IS me. Bitch.
    • Nov 2001
    • 14149

    #2
    Somebody stole email addresses using a nats admin password that was obtained illegally via methods unknown & then spammed those emails.

    Comment

    • TTiger
      Confirmed User
      • Mar 2002
      • 3030

      #3
      then GFY will exposed to the mainstream so we should have a sticky on the subject no?

      Comment

      • TTiger
        Confirmed User
        • Mar 2002
        • 3030

        #4
        the issue is on slashdot newsletter (just receive the mail)

        Slashdot Daily Newsletter

        In this issue:
        * Only 2 in 500 College Students Believe in IP
        * Google Reader Begins Sharing Private Data
        * Netgear Introduces Linux-Based NAS Devices
        * FSFE Supports Microsoft Antitrust Investigation
        * Thousands of Adult Website Accounts Compromised
        * The Economist's Technology Predictions For 2008
        * Airlines Plan To Filter, Censor In-Flight Internet Access
        * 'Mind Doping' Becoming More Common
        * Apple and Google Are Telecom's Newest Stars
        * Anti-Virus Bug Briefly Identified Windows Explorer as Malware
        * How To Tell If It's Really Titanium
        * Capitol Hill Quiet on Tech
        * Heathkit Reincarnates the Hero Robot
        * USPTO Reaffirms 1-Click Claims 'Old And Obvious'
        * The LCD Panel vs. The Crossbow
        * Robots To Control Oil Drilling Platforms

        Comment

        • Babaganoosh
          ♥♥♥ Likes Hugs ♥♥♥
          • Nov 2001
          • 15841

          #5
          Lets not invite digg users to GFY. You think this place is full of jerkoffs now, just wait and see what will happen if those dickheads show up. Let a site like AVN deal with it.

          To answer your question, the guys who wrote nats had a default account set up so they could log in to provide support. That account was compromised so anyone who didn't disable that account was at risk.
          I like pie.

          Comment

          • st0ned
            Confirmed User
            • Mar 2007
            • 8437

            #6
            Why would you want it getting out more than it already is? Come on, think of the negative effects.
            Conversion Sharks - 1,000+ adult dating offers, traffic management, and consistently high payouts.
            We will guarantee and beat your current EPC to win your dating traffic!
            Skype: ConversionSharks || Email: info /@/ conversionsharks.com

            Comment

            • spacedog
              Yes that IS me. Bitch.
              • Nov 2001
              • 14149

              #7
              Originally posted by TTiger
              the issue is on slashdot newsletter (just receive the mail)

              Slashdot Daily Newsletter

              In this issue:
              * Only 2 in 500 College Students Believe in IP
              * Google Reader Begins Sharing Private Data
              * Netgear Introduces Linux-Based NAS Devices
              * FSFE Supports Microsoft Antitrust Investigation
              * Thousands of Adult Website Accounts Compromised
              * The Economist's Technology Predictions For 2008
              * Airlines Plan To Filter, Censor In-Flight Internet Access
              * 'Mind Doping' Becoming More Common
              * Apple and Google Are Telecom's Newest Stars
              * Anti-Virus Bug Briefly Identified Windows Explorer as Malware
              * How To Tell If It's Really Titanium
              * Capitol Hill Quiet on Tech
              * Heathkit Reincarnates the Hero Robot
              * USPTO Reaffirms 1-Click Claims 'Old And Obvious'
              * The LCD Panel vs. The Crossbow
              * Robots To Control Oil Drilling Platforms
              Yeah, and slashdot's source contains alot of misinformation that is very deceptive & misleading.

              Comment

              • SmokeyTheBear
                ►SouthOfHeaven
                • Jun 2004
                • 28609

                #8
                Nats had their admin password list hacked.

                Using these password , thieves used software to monitor sponsors emails by logging in as a nats admin and retrieving data.

                Most attempts appear only to be related to email harvesting.

                Credit card information pertaining to signups are not stored nor displayed for admins very easily , so while it is unlikely it's possible they could have access to such information as affiliate data ( emails , encrypted password, ss#'s etc )

                Nats has been aware of this situation for quite some time but "perhaps" overlooked the seriousness of the breach ( in my opinion due to pure negligence, as many many webmasters have mentioned it time and time again. i.e. spam after using nats sponsors ) furthermore nats employees appeared to many to be more interested in silencing the truth rather than fix the problem .

                In hindsight , no software is perfect , but there are many methods of fixing problems, #1 is listening to your customers in an open fashion .

                I thought nats guys did a great job in apologizing and setting the record straight even if it meant opeing them up to legal problems. I sure hope this is an isolated incident and not something more serious like a managed breach.
                hatisblack at yahoo.com

                Comment

                • fuckingfuck
                  Confirmed User
                  • May 2007
                  • 521

                  #9
                  Here is the story in summary.

                  Once there was some shitty software with a big hole.

                  Then some people stole LOTS people's information using that hole.

                  Then some people claimed the company who produced the software actually knew it and they are involved in collection of all this data.

                  Then someone informed mainstream/tech blogs about this.

                  Then people accused each other about everything.

                  Then some Bros appeared and created threads to protect one side.

                  --------------------

                  This is where we are now. It is also told that probably these news will be on newspapers soon.
                  AA

                  Comment

                  • TTiger
                    Confirmed User
                    • Mar 2002
                    • 3030

                    #10
                    Originally posted by SmokeyTheBear
                    Nats had their admin password list hacked.

                    Using these password , thieves used software to monitor sponsors emails by logging in as a nats admin and retrieving data.

                    Most attempts appear only to be related to email harvesting.

                    Credit card information pertaining to signups are not stored nor displayed for admins very easily , so while it is unlikely it's possible they could have access to such information as affiliate data ( emails , encrypted password, ss#'s etc )

                    Nats has been aware of this situation for quite some time but "perhaps" overlooked the seriousness of the breach ( in my opinion due to pure negligence, as many many webmasters have mentioned it time and time again. i.e. spam after using nats sponsors ) furthermore nats employees appeared to many to be more interested in silencing the truth rather than fix the problem .

                    In hindsight , no software is perfect , but there are many methods of fixing problems, #1 is listening to your customers in an open fashion .

                    I thought nats guys did a great job in apologizing and setting the record straight even if it meant opeing them up to legal problems. I sure hope this is an isolated incident and not something more serious like a managed breach.
                    do you authorize me to copy this response to social bookmark network?
                    to keep people informed and give them the real info?

                    Comment

                    • papill0n
                      Unregistered Abuser
                      • Oct 2007
                      • 15547

                      #11
                      Originally posted by fuckingfuck

                      Then some people stole LOTS people's information using that hole.

                      .

                      No dude. LOTS Of information was NOT stolen.

                      Comment

                      • TTiger
                        Confirmed User
                        • Mar 2002
                        • 3030

                        #12
                        thank you for all these great info and keep the drama away;)

                        Comment

                        • fuckingfuck
                          Confirmed User
                          • May 2007
                          • 521

                          #13
                          Originally posted by RageCash-Ben
                          No dude. LOTS Of information was NOT stolen.
                          Hi Bro...
                          AA

                          Comment

                          • SmokeyTheBear
                            ►SouthOfHeaven
                            • Jun 2004
                            • 28609

                            #14
                            Originally posted by TTiger
                            do you authorize me to copy this response to social bookmark network?
                            to keep people informed and give them the real info?
                            well i cant stop you and i wouldnt sue you if you did , but i feel a bit funny having it on non-adult news type sites , personally i wouldnt , if i was writing it for surfers i would word it differently, it was written more for affiliates/programs. but its up to you..

                            i'll try a rewrite for "surfers"


                            Cliffnotes.

                            Nats - TMM a leading billing/affiliate program for adult websites had their admistration password list hacked. Using these passwords allowed hackers to login to and perform duties as an admistrator on many adult websites who run the nats software. Hackers then wrote software to login to the breached websites and obtain certain information. Most of these attempts appear to be to retrieve emails of customers, which were then used or sold to email spammers. Although there is no initial evidence that any private data such as credit card information of subscribers was retrieved , it is clear to many that some information such as emails of the programs sub-contractors/affiliates was comprimised. The leading consesus would be if you bought porn from an adult website , you probably don't have anything to worry about other than a few more emails in your inbox, if you sell porn , the verdict is still out.



                            thats all mainstream needs to know , the disclosure to affiliates that was the biggest problem for many should prob be left in the industry to discuss
                            hatisblack at yahoo.com

                            Comment

                            • notoldschool
                              Confirmed User
                              • Aug 2007
                              • 5687

                              #15
                              Originally posted by TTiger
                              experiment guys we need your help to explain to the world whats is really happening with NATS (maybe a stick it post with a regular guy keeping us informed on the story))
                              so we could spread it to digg, slashdot etc..

                              which issue is right and which is wrong..
                              what's really happening whats is real and what's false
                              because i have to admit they're a lot of thread on the subject and i don't understand all the issue ..
                              what's should i do as an affiliated? i've sign up with like 100 programs using NATS should i reset all these account? please tell me no

                              thank you for reading
                              sorry for my bad english
                              You cant read?
                              No doubt one may quote history to support any cause, as the devil quotes scripture.
                              -- Learned Hand

                              http://www.bjpenn.com

                              Comment

                              • notoldschool
                                Confirmed User
                                • Aug 2007
                                • 5687

                                #16
                                Originally posted by SmokeyTheBear


                                Although there is no initial evidence that any private data such as credit card information of subscribers was retrieved , it is clear to many that some information such as emails of the programs sub-contractors/affiliates was comprimised. The leading consesus would be if you bought porn from an adult website , you probably don't have anything to worry about other than a few more emails in your inbox, if you sell porn , the verdict is still out.


                                Dude are you fucking stupid. It is impossible for them to get cc info as the billers keep all that info. Now we have another liar to add to the list.
                                No doubt one may quote history to support any cause, as the devil quotes scripture.
                                -- Learned Hand

                                http://www.bjpenn.com

                                Comment

                                • SmokeyTheBear
                                  ►SouthOfHeaven
                                  • Jun 2004
                                  • 28609

                                  #17
                                  Originally posted by RageCash-Ben
                                  No dude. LOTS Of information was NOT stolen.
                                  i guess that all depends on what you consider "lots"

                                  is millions of emails "lots" ?

                                  i would consider millions of anything lots

                                  I think some of the issues are being glossed over because nats still hasnt disclosed it to us.

                                  when i first noticed a problem with nats and spam it wasnt from signing up as a surfer it was from signing up as an affiliate so i think the theory that only the surfers emails and data was stolen is false. I am pretty sure that affiliate data was stolen, this was likely done quickly , its likely not as easy to spot for sponsors because the hackers used software to repeatdely monitor a sponsors "surfer signups" , for affiliates there wouldnt be a need to check multiple times daily it would throw off too many red flags..

                                  i dont think this was done by someone with no knowledge of the software , it was either an ex-nats employee , someone with the source code or at the very least a sponsor who bought nats ( just my theory/opinion based on what little evidence has been released )
                                  hatisblack at yahoo.com

                                  Comment

                                  • SmokeyTheBear
                                    ►SouthOfHeaven
                                    • Jun 2004
                                    • 28609

                                    #18
                                    Originally posted by notoldschool
                                    Dude are you fucking stupid. It is impossible for them to get cc info as the billers keep all that info. Now we have another liar to add to the list.
                                    did you even read what i wrote or what ? i didn't say cc info was stolen , infact i said "no initial evidence" that it was stolen , how do you turn that into the opposite thing ?

                                    p.s. never say impossible
                                    hatisblack at yahoo.com

                                    Comment

                                    • SmokeyTheBear
                                      ►SouthOfHeaven
                                      • Jun 2004
                                      • 28609

                                      #19
                                      if anyone wants to know how real a possibilty someone could obtain cc info from this , its very simple if you have been inside nats.

                                      edit the templates place a hidden script on the signup page , this redirects certain ip blocks to a fake mockup of the billers signup page , cc card are stolen and stored , voila.. would take all of 20 minutes to do .

                                      doesnt need cc info to be stored by nats or the sponsor encrypted or unencrypted.

                                      thats why i said NO INITIAL EVIDENCE , i.e. i have seen nothing to suggest the above scenario took place , but its WELL within the hackers power and a VERY REAL and possible scenario.
                                      hatisblack at yahoo.com

                                      Comment

                                      • SmokeyTheBear
                                        ►SouthOfHeaven
                                        • Jun 2004
                                        • 28609

                                        #20
                                        before you call someone a liar , do your homework. I have.
                                        hatisblack at yahoo.com

                                        Comment

                                        • notoldschool
                                          Confirmed User
                                          • Aug 2007
                                          • 5687

                                          #21
                                          Originally posted by SmokeyTheBear
                                          if anyone wants to know how real a possibilty someone could obtain cc info from this , its very simple if you have been inside nats.

                                          edit the templates place a hidden script on the signup page , this redirects certain ip blocks to a fake mockup of the billers signup page , cc card are stolen and stored , voila.. would take all of 20 minutes to do .

                                          doesnt need cc info to be stored by nats or the sponsor encrypted or unencrypted.

                                          thats why i said NO INITIAL EVIDENCE , i.e. i have seen nothing to suggest the above scenario took place , but its WELL within the hackers power and a VERY REAL and possible scenario.

                                          Its called implication.
                                          No doubt one may quote history to support any cause, as the devil quotes scripture.
                                          -- Learned Hand

                                          http://www.bjpenn.com

                                          Comment

                                          • minusonebit
                                            So Fucking Banned
                                            • Feb 2006
                                            • 7391

                                            #22
                                            Yep, sure could. I already did that. Hope it helps.

                                            Comment

                                            • Paul Markham
                                              Too old to care
                                              • Jun 2001
                                              • 52942

                                              #23
                                              Smokey seems to have nailed it. Except for the "hacked" part.

                                              No one knows the list was hacked and if it was hacked it was not once. It appears it was hacked on a constant basis. No proof it was hacked or was not hacked has been seen.

                                              This is from John's post and I apologise if I got it wrong.

                                              The problem came to light a few months ago.
                                              He thought he had fixed it.
                                              He notified at risk clients.
                                              The system existed for the client to lock down his data on NATS.

                                              This is what others have said.

                                              When told about the problem of spam John blamed the clients system. It has been claimed he threatened legal action to stop people spreading "mis information". He did not take legal action.

                                              As soon as it hit here some sponsors were able to identify the problem, find the IP address logging in, when it logged in and how it logged in. It was not hard to find and it seems they blocked it. No explanation has come from TMM of why TMM failed to do this.

                                              To my knowledge, none of his clients have come forward to say TMM notified or warned them of the problem. Before the news hit the boards.

                                              To my knowledge, no email was sent to insist clients use the system already in place to further protect their data.

                                              To my knowledge, the safer system was not put up as the default set up.

                                              As I said the above may not be 100% because I missed something on the boards.



                                              Blowout deal. 880 videos, 2,400 image sets, plus many RAW videos. $500.
                                              PM me for a deal. Skype Paulmarkham70

                                              Comment

                                              • SmokeyTheBear
                                                ►SouthOfHeaven
                                                • Jun 2004
                                                • 28609

                                                #24
                                                Originally posted by notoldschool
                                                Its called implication.
                                                its an implication that someone says "no initial evidence " ? go reread what you quoted and be a man and apolgize. as far as i see it you are the one who lied and you were the one who implied i said cc info was stolen , when i never said that and the quote you quoted infact stated the EXACT OPPOSITE to what you implicated.



                                                go ahead and ask a nats rep about my statement above..
                                                or ask ANY program owner who has used nats interface if its true or not.

                                                I wont hold it against you if you aplogize as everyone makes mistakes, it takes a bigger man to say " hey you know what i read your statement wrong and infact what you said was 100% truthfull and can be verified by ANY sponsor who uses nats "
                                                hatisblack at yahoo.com

                                                Comment

                                                • Zester
                                                  Confirmed User
                                                  • Jul 2003
                                                  • 5344

                                                  #25
                                                  Originally posted by SmokeyTheBear
                                                  Nats had their admin password list hacked.

                                                  Using these password , thieves used software to monitor sponsors emails by logging in as a nats admin and retrieving data.

                                                  while it is unlikely it's possible they could have access to such information as affiliate data ( emails , encrypted password, ss#'s etc )
                                                  Originally posted by Paul Markham
                                                  No one knows the list was hacked and if it was hacked it was not once. It appears it was hacked on a constant basis. No proof it was hacked or was not hacked has been seen.

                                                  As soon as it hit here some sponsors were able to identify the problem, find the IP address logging in, when it logged in and how it logged in. It was not hard to find and it seems they blocked it.
                                                  ok, leaving aside the idea that the affiliate's email was stolen:
                                                  now NATS users (sponsors) need to disable this "nats admin" access in order to close the security hole ? and that's is regarding this issue ? after that the affiliate's data is (relatively) safe ?
                                                  Last edited by Zester; 12-26-2007, 01:08 AM.
                                                  * Mainstream ? $65 per sale
                                                  * new male contraception

                                                  Comment

                                                  • SmokeyTheBear
                                                    ►SouthOfHeaven
                                                    • Jun 2004
                                                    • 28609

                                                    #26
                                                    Originally posted by Zester
                                                    ok, leaving aside the idea that the affiliate's email was stolen:
                                                    now NATS users (sponsors) need to disable this "nats admin" access in order to close the security hole ? after that the data is (relatively) safe ?
                                                    heck no i would suggest a security audit..

                                                    disabling admin access is the first step , if you dont do a security audit theres any number of places someone could have inserted something i would think .. nats would be the only person who can answer that question for sure but if an admin or someone using an admin account messed with the nats templates theres any number of places nefarious things could have been placed.
                                                    hatisblack at yahoo.com

                                                    Comment

                                                    • minusonebit
                                                      So Fucking Banned
                                                      • Feb 2006
                                                      • 7391

                                                      #27
                                                      OK, lets everybody get thier stories straight.... we need to tell/spin ONE LIE here... the same spin/lie... each and every time someone asks us what the deal is...

                                                      LOL, this so-called industry is fucking pathetic. You people dont even have enough sense to go and make up the lie/spin somewhere out of public sight.

                                                      Comment

                                                      • TheDoc
                                                        Too lazy to set a custom title
                                                        • Jul 2001
                                                        • 13827

                                                        #28
                                                        Smokey, for your CC theory to work in NATS you could only change the post url in the join form. Everything else is to wrapped around nats and would break something big enough you would notice. If we can toss out theories, then a iframe exploit in smarty could do the same thing.

                                                        NATS doesn't store, record, pass through, or even see/touch/smell any credit card data.



                                                        Paul Markham, your yap doesn't stop does it? You have asked these same questions with a different twist 30 times now, and each time they have been answered for you.

                                                        a) Admins are able to see what is being pulled from the databases on connections. No deep cover up here.

                                                        b) The problem a few months ago was "DIFFERENT" but yes, it was unknowingly related. I'm not sure why that is hard for you to understand or get.

                                                        c) Since they didn't know the extent of the problem at that time they only notified clients with the current related problem and not the unknown one.

                                                        d) Clients are told about the IP lock feature and admin accounts during setup. It's the first thing in the config admin of nats. And it "CAN NOT" be forced on by NATS since NATS can be locked fully out of the system, just by turning the account off. (FYI, most clients used it)

                                                        e) I think John threated to send a C&D, that isn't the same thing as legal action. Unless he recently said something different, the last I saw it was a C&D threat.


                                                        Minusonebit posts/article is filled with easily provable lies and slander.
                                                        ~TheDoc - ICQ7765825
                                                        It's all disambiguation

                                                        Comment

                                                        • notoldschool
                                                          Confirmed User
                                                          • Aug 2007
                                                          • 5687

                                                          #29
                                                          Originally posted by SmokeyTheBear
                                                          its an implication that someone says "no initial evidence " ? go reread what you quoted and be a man and apolgize. as far as i see it you are the one who lied and you were the one who implied i said cc info was stolen , when i never said that and the quote you quoted infact stated the EXACT OPPOSITE to what you implicated.



                                                          go ahead and ask a nats rep about my statement above..
                                                          or ask ANY program owner who has used nats interface if its true or not.

                                                          I wont hold it against you if you aplogize as everyone makes mistakes, it takes a bigger man to say " hey you know what i read your statement wrong and infact what you said was 100% truthfull and can be verified by ANY sponsor who uses nats "

                                                          squirm all you want. There was implication in your statement and you should be punished.
                                                          No doubt one may quote history to support any cause, as the devil quotes scripture.
                                                          -- Learned Hand

                                                          http://www.bjpenn.com

                                                          Comment

                                                          • Why
                                                            MFBA
                                                            • Mar 2003
                                                            • 7230

                                                            #30
                                                            for what its worth, due to the fact that nats uses smarty, its possible that this person used nats to create smarty pages or placed code into pre-existing smarty templates that would allow them back into the systems even if the passwords were changed. furthermore if the person doing this used smarty templates for hacking its possible he created methods to view, dump, email, etc. entire databases. so its possible more information then JUST what is shown in the admin side of things is at risk. depending on what ALL a program keeps on their nats server this person could have escalated things up from there to... well the sky is the limit.

                                                            its really a shitty situation, however we were not effected as we have had IP protections in place for many many months. this is a security feature in nats very few companies use but it HAS been in the software for years(to the best of my knowledge) and requires an admin to have a proper user/pass and be logging in from a specific IP. to blame nats entirely is silly, as the precautions to prevent these matters were in place for a very long time.

                                                            Comment

                                                            • Why
                                                              MFBA
                                                              • Mar 2003
                                                              • 7230

                                                              #31
                                                              course the person doing it, from my reading on the matter was using the same netblock to login to the compromised systems more then once daily. which IMHO would mean this person was NOT overly sophisticated and probably didn't hack up templates and leave stuff on systems like some people might have.

                                                              Comment

                                                              • INever
                                                                Confirmed User
                                                                • Jan 2005
                                                                • 4031

                                                                #32
                                                                The executive summary:

                                                                If our data is in a NATS system we're possibly fucked.
                                                                I love Camdough

                                                                airvpn

                                                                Comment

                                                                • SmokeyTheBear
                                                                  ►SouthOfHeaven
                                                                  • Jun 2004
                                                                  • 28609

                                                                  #33
                                                                  Originally posted by notoldschool
                                                                  There was implication in your statement and you should be punished.
                                                                  lol fuck off ya moron , you made a bold faced lie because you hadnt read what you quoted. now you are too pussy to own up to your mistake. even after i schooled you on how easy it would be.

                                                                  anyone who thinks "no evidence" means "yes" is a fucking moron. and you are obviously a pussy and a moron because you won't admit you were lying.
                                                                  hatisblack at yahoo.com

                                                                  Comment

                                                                  • SmokeyTheBear
                                                                    ►SouthOfHeaven
                                                                    • Jun 2004
                                                                    • 28609

                                                                    #34
                                                                    Originally posted by TheDoc
                                                                    Smokey, for your CC theory to work in NATS you could only change the post url in the join form.
                                                                    and thats not enough ?

                                                                    Originally posted by TheDoc
                                                                    Everything else is to wrapped around nats and would break something big enough you would notice.
                                                                    seems like losing your master password list would be noticed as well , or an admin logging onto multiple sponsors hundreds of times per day for weeks


                                                                    Originally posted by TheDoc
                                                                    NATS doesn't store, record, pass through, or even see/touch/smell any credit card data.
                                                                    and yet using the method i mentioned above, its very possible for a hacker to inject code using the nats admin password that would steal credit card numbers.

                                                                    my point is exactly how i stated it above. There is NO indication any credit card information was compromised .

                                                                    In order to RULE out this , every nats sponsor should have a security audit done. i would feel unsafe with the statement that "no credit card information was compromised" because it just hasn't been established yet.

                                                                    Personally if i was nats i would pay to have each of their clients security audited so they CAN say that no credit card info was compromised, until then its just a guess ( and not very wise one either i would think )
                                                                    hatisblack at yahoo.com

                                                                    Comment

                                                                    • Paul Markham
                                                                      Too old to care
                                                                      • Jun 2001
                                                                      • 52942

                                                                      #35
                                                                      Thanks but I wanted John to anwer it. However.

                                                                      Originally posted by TheDoc
                                                                      a) Admins are able to see what is being pulled from the databases on connections. No deep cover up here.
                                                                      So when they investigated this they saw what was being pulled, could they see how the user was getting in and the IP address?

                                                                      Originally posted by TheDoc
                                                                      b) The problem a few months ago was "DIFFERENT" but yes, it was unknowingly related. I'm not sure why that is hard for you to understand or get.
                                                                      Seems to me it was the same problem, this investigation was not good enough. The posters on GFY found it fast enough.

                                                                      Originally posted by TheDoc
                                                                      c) Since they didn't know the extent of the problem at that time they only notified clients with the current related problem and not the unknown one.
                                                                      Did they notify people they thought "at risk" or people who had already told them about the problem? We have yet to see anyone step forward and say "TMM alerted me to this without me asking them about it."

                                                                      Originally posted by TheDoc
                                                                      d) Clients are told about the IP lock feature and admin accounts during setup. It's the first thing in the config admin of nats. And it "CAN NOT" be forced on by NATS since NATS can be locked fully out of the system, just by turning the account off. (FYI, most clients used it)
                                                                      I would say they should of found the problem and TOLD their clients how it was to proceed. Then changed the safer method to the default. By not doing so they left the door open.

                                                                      Originally posted by TheDoc
                                                                      e) I think John threated to send a C&D, that isn't the same thing as legal action. Unless he recently said something different, the last I saw it was a C&D threat.
                                                                      Do you think sending a C&D to people you know are telling the truth is right? Or maybe he did not know they were telling the truth that his program was compromised.

                                                                      You see the problem goes a bit deeper than you think. In my opinion. Either TMM were not able to find the problem that others found in minutes or they did not want to.



                                                                      Blowout deal. 880 videos, 2,400 image sets, plus many RAW videos. $500.
                                                                      PM me for a deal. Skype Paulmarkham70

                                                                      Comment

                                                                      • Naja-ram
                                                                        Confirmed User
                                                                        • Aug 2006
                                                                        • 639

                                                                        #36
                                                                        Originally posted by notoldschool
                                                                        squirm all you want. There was implication in your statement and you should be punished.
                                                                        will you shut the fuck up already !?

                                                                        this guy is just unbelievable .....
                                                                        Last edited by Naja-ram; 12-27-2007, 05:12 AM.
                                                                        http://www.muslimmatrimonial.com/

                                                                        Comment

                                                                        Working...