blonde poker forum
Welcome, Guest. Please login or register.
July 23, 2025, 11:40:05 PM

Login with username, password and session length
Search:     Advanced search
2262399 Posts in 66606 Topics by 16991 Members
Latest Member: nolankerwin
* Home Help Arcade Search Calendar Guidelines Login Register
+  blonde poker forum
|-+  Poker Forums
| |-+  The Rail
| | |-+  If you have Online Poker Accounts - YOU MUST READ THIS
0 Members and 1 Guest are viewing this topic. « previous next »
Pages: 1 2 3 4 5 [6] Go Down Print
Author Topic: If you have Online Poker Accounts - YOU MUST READ THIS  (Read 12331 times)
totalise
Hero Member
*****
Offline Offline

Posts: 2620


View Profile
« Reply #75 on: November 16, 2007, 12:29:28 AM »

I think some form of 2 factor authentication (example) would probably be better, I know a few people who need to use them to log in to their companies network, and I think some banks use similar things.

Yes that would be good, but obviously expensive to implement and the delay created might put off the sites, while my suggestions would improve matters more simply.  The main point I was trying to make is that there are too many accounts being hacked and the sites are clearly being negligent in their practices. 

Or the users in theirs!

I'm not sure how you would (reliably) lock down access to only one machine.

Even then I imagine that it would be possible to either spoof the user's machine, or maybe even use their own machine.

If the attackers somehow have access to the site's system then I imagine they could just change the setting from that end and gain access that way.

dont each computer have a unique MAC address?

Anyways, what I dont get is why sites dont allow users to "opt out" of playing for X hours, they have a version like this anyways, so they can extrapolate it so that if u are going to bed and know u wont play for 10/12 hours etc, then u can ban urself from playing so that no activity can occur on your account... it would cut out this shit immensely.

Logged
Bongo
Hero Member
*****
Offline Offline

Posts: 8824



View Profile
« Reply #76 on: November 16, 2007, 12:32:21 AM »

It would take seconds to clone a MAC address.
Logged

Do you think it's dangerous to have Busby Berkeley dreams?
totalise
Hero Member
*****
Offline Offline

Posts: 2620


View Profile
« Reply #77 on: November 16, 2007, 12:33:51 AM »

It would take seconds to clone a MAC address.

ok, you got 10 min to clone mine, starting from now!
Logged
Bongo
Hero Member
*****
Offline Offline

Posts: 8824



View Profile
« Reply #78 on: November 16, 2007, 12:39:58 AM »

The poker client could surely be easily numbered (it probably is anyway)- so the hacker would need to know that number and be able to modify a client to imitate that number and the user's password.

...

Errr the sites negligence again.

It would be trivially easy to change that though, either in the software itself or simply change the value when the packet is sent from your machine to theirs.

Also I know in my second examples it's the site being negligent, I was just pointing out that that method could still be compromised at both ends!
Logged

Do you think it's dangerous to have Busby Berkeley dreams?
Bongo
Hero Member
*****
Offline Offline

Posts: 8824



View Profile
« Reply #79 on: November 16, 2007, 12:51:56 AM »

It would take seconds to clone a MAC address.

ok, you got 10 min to clone mine, starting from now!

I think I'd need more than 10 minutes to do it the first time!

It will take me longer than that to remember what the tool to do it is called Tongue
Logged

Do you think it's dangerous to have Busby Berkeley dreams?
doubleup
Hero Member
*****
Offline Offline

Posts: 7130


View Profile
« Reply #80 on: November 16, 2007, 12:52:22 AM »

The poker client could surely be easily numbered (it probably is anyway)- so the hacker would need to know that number and be able to modify a client to imitate that number and the user's password.

...

Errr the sites negligence again.

It would be trivially easy to change that though, either in the software itself or simply change the value when the packet is sent from your machine to theirs.


Eh?  You have an unknown number in your client - how in gods name is the hacker going to find out that number as the communication will be encrypted?  

Logged
Pages: 1 2 3 4 5 [6] Go Up Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.136 seconds with 19 queries.