These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Technology Lab

 
  • Topic is locked indefinitely.
123Next pageLast page
 

Stop using siggy, it is leaking your information

First post
Author
Previous Topic Next Topic
Two step
Aperture Harmonics
#1 - 2014-04-09 14:16:07 UTC
Some of you might have heard about the Heartbleed bug found in openSSL. Most larger sites are fixed, but siggy is not. If you are still using siggy, you might want to stop until it is fixed, as you are basically broadcasting your location to anyone who cares to find out. For example, I just discovered that "Maes Trent" in AdAstra is in Tar in a Cerberus. If anyone knows the siggy dude, please ask him to fix his server. I also can currently see his private SSL key.

CSM 7 Secretary CSM 6 Alternate Delegate @two_step_eve on Twitter My Blog
Rengas
AQUILA INC
#2 - 2014-04-09 16:01:16 UTC
Can confirm that Siggy has been compromised and is leaking personal information.

Went through my online checking account bank statements this morning and discovered some suspicious payments to HungCollegeHunks and BackdoorBandits.com.
Two step
Aperture Harmonics
#3 - 2014-04-09 17:16:51 UTC
Rengas wrote:
Can confirm that Siggy has been compromised and is leaking personal information.

Went through my online checking account bank statements this morning and discovered some suspicious payments to HungCollegeHunks and BackdoorBandits.com.


Pretty sure those are just your normal subscriptions.

I'm not saying it is leaking personal information, though it is entirely possible to see someone's api info and email if they happen to be registering for the out of game access. I am more concerned about session hijacking, it is trivially easy to see other corps/alliances maps.

CSM 7 Secretary CSM 6 Alternate Delegate @two_step_eve on Twitter My Blog
Hidden Fremen
Lazerhawks
L A Z E R H A W K S
#4 - 2014-04-09 17:37:41 UTC
Rall Mekin
End-of-Line
#5 - 2014-04-09 17:46:32 UTC
Two step wrote:
Rengas wrote:
Can confirm that Siggy has been compromised and is leaking personal information.

Went through my online checking account bank statements this morning and discovered some suspicious payments to HungCollegeHunks and BackdoorBandits.com.


Pretty sure those are just your normal subscriptions.




Wrong, I'm the forum troll that's normal for.
Glyndi
Doom Generation
Best Intentions.
#6 - 2014-04-09 17:49:21 UTC
Hidden Fremen wrote:
Tripwire?



Confirmed as a better option Blink
Two step
Aperture Harmonics
#7 - 2014-04-09 18:10:27 UTC
Hidden Fremen wrote:
Tripwire?


Appears to not be vulnerable to this bug (note that I have not used it)

CSM 7 Secretary CSM 6 Alternate Delegate @two_step_eve on Twitter My Blog
Longinius Spear
Semper Ubi Sub Ubi
#8 - 2014-04-09 19:29:42 UTC
Does this mean I'll get more gud fights?

Read more of my ramblings on my blog www.invadingyourhole.blogspot.com
Eric 72826
Doom Generation
Best Intentions.
#9 - 2014-04-09 19:38:24 UTC
Glyndi wrote:
Hidden Fremen wrote:
Tripwire?



Confirmed as a better option Blink


I demand to know who you are and why your endorsement should be heeded.
Winthorp
#10 - 2014-04-09 19:43:05 UTC
Can confirm i to have been looking in windows and "Maes Trent" was wearing Sesame street pyjamas.
Tetsuo Tsukaya
Perkone
Caldari State
#11 - 2014-04-09 20:59:01 UTC
Am I in the right place for the Badger CTA? I checked and there's nothing on siggy QuestionQuestionQuestion
Bane Nucleus
Dark Venture Corporation
Kitchen Sinkhole
#12 - 2014-04-09 21:00:35 UTC  |  Edited by: Bane Nucleus
I am waiting for a colorful response from the siggy rep. haha

No trolling please
Jack Miton
School of Applied Knowledge
Caldari State
#13 - 2014-04-09 21:08:26 UTC
Does that mean people will fight us now?

There is no Bob.

Stuck In Here With Me:  http://sihwm.blogspot.com.au/

Down the Pipe:  http://feeds.feedburner.com/CloakyScout
Ayeson
State War Academy
Caldari State
#14 - 2014-04-09 21:10:25 UTC
Bane Nucleus
Dark Venture Corporation
Kitchen Sinkhole
#15 - 2014-04-09 21:13:01 UTC
Jack Miton wrote:
Does that mean people will fight us now?


Not when we have 60 people in fleet waiting on a wormhole Lol

No trolling please
Rengas
AQUILA INC
#16 - 2014-04-09 21:22:53 UTC
According to Siggy I am sitting in a cloaked Ishtar in Vlillirier in the Medium Outpost waiting for this Caracal to come in and start farmer pigging his LP.
Two step
Aperture Harmonics
#17 - 2014-04-09 21:25:05 UTC
Just a quick update, Halaro Elshona from THE EXOGEN CONSORTIUM (someone needs to lay off the caps key), is in an Omen named "Poik" in Kaaputenen.

Also, Maes Trent looks like they made it to their hole (or got blown up), as they are now in a capsule in J165940, in case anyone was worried about them getting in.

CSM 7 Secretary CSM 6 Alternate Delegate @two_step_eve on Twitter My Blog
Glyndi
Doom Generation
Best Intentions.
#18 - 2014-04-09 21:36:38 UTC
In other traffic related news, I'm in Phoenix waiting on a corner for Proc to give me a handy.
Daimian Mercer
Deep Core Mining Inc.
Caldari State
#19 - 2014-04-09 22:02:58 UTC
First:
I tried to warn Siggy's creator about some of the security flaws months ago...

Second:
I'm sorry for the delay for all those who were requesting access to Tripwire - got kind of flooded with requests :) I am nearly caught up and will be available for further pummeling for the next 6 hours.

And for the record Tripwire is now used by over 150 corps/alliances. Some big names in that list are testing it.




Creator of Tripwire mapping tool - EVE-O thread

Twitter | daimian.mercer@gmail.com
GRIM SOAR
Deep Core Mining Inc.
Caldari State
#20 - 2014-04-09 22:51:26 UTC
Slander. Interesting.

I've used both. I prefer siggy.

123Next pageLast page