Oh geez, I haven't had a dozen sliders since I left KC. Yummy! Especially at 2 am after drinking all night! :razz:

I worked at one during high school in Cowlumbus, Ahiah, where these suckers originated. For six weeks. Took two weeks to de-stink myself and clear up my contact lenses after I walked out. The post-bar-close crowd really pissed me off, a favor which I was only too happy to return!

"Sliders with brakes", are my favorites. Taking a class in Columbus Ohio, and after work we got drunk then headed to the Castle to sober up

Yeah baby -- Belly Bombs!

"That ain't nuthin".

Snowhog:

We can assume then that much stricter safeguards are in place here? You didn't mention it, but your comment implies it.

I too was surprised that the member information could have been taken from a Linux site. It will be a black eye for Canonical for sure. It is going to be tough for them to live that down.

Frank.

In addition to what Steve suggested, another possibility (which was the actual cause of a hack of another Linux site) is that a dev with admin capabilities loaned out his password OR used a weak password to his account.

As far as I know, yes, KFN (Kubuntu Forums . Net) is (better) protected. However, as SteveRiley stated, the exact vector used to compromise UF (Ubuntuforums) isn't (yet) known. The scuttlebutt however, is they (UF) didn't have their Admin Control Panel (sufficiently) protected. Ours is.

So are we (KFN) not at any risk? Any Internet presence that can be reached by the general public is at risk. But like houses being targeted by a burglar, the ones without obvious protection are the ones likely to be targeted. KFN has active protection designed to severely limit the possibility that unsavory types can obtain access. We have diligent Administrators. I believe that KFN is at little risk of having something like what happened to UF happen to us.

Snowhog:

Well said.

Thanks.

Frank.

Hi, I'm a wealthy prince from Nigeria and I need to get my millions into the United States and am looking for help .... J/K

However, you're lucky my post isn't like that. I did actually have the same password here as Ubuntuforums. However, I've changed it now so there's no danger. I'm guilty of using the same password on multiple forums. I assumed that no Linux user forum would get compromised. Obviously, my assumption was faulty.

I've been using different and very secure passwords for every banking site that I use. Then on forums I used mostly the same one. I'd guess I'd better clean up that act. No one could steal my money, but someone could come post spam in my name. I've been keeping all my passwords in an encrypted Treepad Business file and I got that app to run really well under WINE. However, I'm going to try that KeePassX utility.

I was on my way to Ubuntu forums to post about VirtualBox. I guess I'll do that here.

........... Wow ..... just wow ...........

One of my favorite vegetarian sites was hacked in the 90s via a virus. They were using a Microsoft OS for their server, ew, ew, ew, and their security practices were poor. I did not expect a Linux forum to get hacked.

Keepass helps me remember my passwords

I guess we're very much alike in that respect.

I've looked at such software in the past but discounted it as it seemed like too much hard work to set up as I have nearly 200 on-line identities although I reckon 150+ are seldom used now. Surprisingly, my Ubuntu Forums user-name and password combination was only duplicated with one other forum and it wasn't this one.

One thing for sure, the KF server isn't going to be hijacked by a single email arriving at the in-box.

If someone should ever get hold of my KFN password what could they actually do?

• Post something that could get me banned.
• Change my password and email address so that I couldn't access my own account.
• Try to guess other username / password combinations that I may or may not have at similar web-sites to this one.

I'd be far more worried if my bank's username/password database was compromised.

I know for sure that the user database of a forum that I seldom visit these days was used as a mailing list in connection with concentrated spam attacks. My email address was used both as the recipient and as the sender of hundreds of spam emails each day. Every couple of months I see a huge increase in either spam received or bounce messages for mail that I never sent.

I'll certainly review my password list but I'm really not too worried at this point.

Obtaining a regular users password doesn't put KFN at risk. If an Administrators password were compromised, we would be in trouble. But we (Admins) practice good password security, and I changed mine yesterday.

Using the same username and password for multiple sites is a poor practice, but one that (unfortunately) is an all to common practice by many. Separate usernames and separate passwords is strongly recommended. That, and not using simple, easy to guess passwords. A good practice (enforced by (all) U.S. Government agencies) is to require password changes at set intervals. Not changing your password results in suspension of the account.

My employer has a similar policy. Most of my passwords have to be changed monthly.

But I can't think of one of my personal on-line services that has asked me to change my password once it had been set.

A quick look at my personal password list tells me that I registered at one very insignificant site in 2008 and I am still using the same username/password combination.