Mithridates VI
IMPSwarm Negative-Feedback
2028
Posted - 2013.07.03 10:02:00 - [1]
Someone should probably mention to you guys that the mail servlet used to send out mass emails like "hey, players, there's a human endurance event" or "please fill out a survey" contains a link at the top labelled "View this message in a browser" which will open links.mail.dust514.com/servlet/MailView followed by a series of variables which tell the system who you are and which message you want to look at.
Unfortunately, if you make the appropriate changes to the part of the URL which tells the servlet who you are, you can view a message that was sent to someone else. You can also view the email address associated with their PSN. Presumably you could farm a list of character names and associated email addresses.
CCP were advised of this mid-May. It's on a third-party provider to actually fix the thing, but if CCP aren't going to disable the system, it seems appropriate that everyone be warned of the possibility that their email address has been disclosed. As far as I know, there is no evidence that this has occurred but it's polite to let customers know that the possibility existed.
I kind of expected that CCP would do this but, personally, have received no such notification, so here it is. Hopefully CCP comment in here to say that the reason no announcement was made is that they have fully explored the possibility of this being exploited and determined that nobody is at risk, but the fact that the system remains vulnerable concerns me enough to advise players myself.
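The flaw the post describes is a "view this message in a browser" handler that takes the recipient's identity from the URL and trusts it. As an added illustration (this is not code from the thread, from CCP or from the mail provider, and every name, id, email and the signing key are made-up assumptions), the following Python sketch puts that lookup pattern beside a hardened one: the link carries an HMAC over the (message, recipient) pair minted server-side, the handler verifies it before rendering, and the rendered page never includes the email address at all, which is the other change CCP Stillman mentions further down the thread.

```python
import hashlib
import hmac
from typing import Optional
from urllib.parse import parse_qs

# Constructed sample store: message id -> (recipient id, recipient email, body).
# Hypothetical values for the example only; nothing here comes from the thread.
MESSAGES = {
    "msg-100": ("char-1", "alice@example.invalid", "Survey: tell us what you think"),
    "msg-101": ("char-2", "bob@example.invalid", "Human endurance event this weekend"),
}

# Hypothetical server-side signing key. It never appears in any link.
SECRET = b"server-side-secret-replace-me"


def vulnerable_view(message_id: str, recipient_id: str) -> Optional[str]:
    """The pattern the post describes: ids come from the URL and are trusted.

    recipient_id is never checked against the message's real recipient, so the
    stored email address is rendered for whoever supplies a valid message id.
    """
    entry = MESSAGES.get(message_id)
    if entry is None:
        return None
    _owner, email, body = entry
    return f"To: {email}\n\n{body}"


def make_view_token(message_id: str, recipient_id: str) -> str:
    """Mint the token embedded in one recipient's link for one message.

    Binding both ids under the HMAC means editing either one in the URL
    invalidates the link without the server having to store anything extra.
    """
    payload = f"{message_id}:{recipient_id}".encode()
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()


def hardened_view(message_id: str, recipient_id: str, token: str) -> Optional[str]:
    """Render only when the token binds this recipient to this message.

    All failures return None (a 404 in a real handler) so the endpoint does
    not confirm which ids exist, and the rendered body omits the email
    address so a future leak of the view exposes nothing beyond the mail text.
    """
    entry = MESSAGES.get(message_id)
    if entry is None:
        return None
    owner_id, _email, body = entry
    expected = make_view_token(message_id, recipient_id)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    if not hmac.compare_digest(expected, token):
        return None
    # Defence in depth: the stored recipient must also be the claimed one.
    if owner_id != recipient_id:
        return None
    return body


def handle_request(query_string: str) -> Optional[str]:
    """Parse the query part of a view link (hypothetical parameter names m, r, t)."""
    params = parse_qs(query_string)
    try:
        message_id = params["m"][0]
        recipient_id = params["r"][0]
        token = params["t"][0]
    except (KeyError, IndexError):
        return None
    return hardened_view(message_id, recipient_id, token)
```

The hardened handler treats the link itself as the capability: the token is derived server-side from the (message, recipient) pair, so the recipient id in the URL is only a hint that the HMAC must confirm. Rotating `SECRET` invalidates every outstanding link at once, which is the kind of temporary service-wide cut-off the thread asks for.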
Mithridates VI
IMPSwarm Negative-Feedback
2032
Posted - 2013.07.03 10:24:00 - [2]
GLiMPSE X wrote: Unfortunately, most of the time it takes public scrutiny to get these things pushed through. Mith followed the norm in the industry by giving them plenty of notice prior to publishing his findings.
Basically this is my position. I put a great deal of consideration into creating the thread, fully aware that disclosure would give a small window of opportunity to exploiters. Lack of disclosure gives a greater window.
I honestly expected a temporary solution to immediately close the hole. More than a month later, no such patch/service suspension is in place and without public attention the possibility exists that further time could be used by anyone else aware of the issue to exploit it.
IMO, ideally this thread will result in the servlet being taken offline in part or in whole until it is secure.
Mithridates VI
IMPSwarm Negative-Feedback
2034
Posted - 2013.07.03 10:34:00 - [3]
Jaqen Morghalis wrote: Oh, no! Not my email address!
That information is supposed to be top-secret level 5 classified! Now my secret identity is blown! My loved ones are in danger!
Seriously, though, what's the worst-case scenario here, some extra spam emails? Derp. I'm glad you don't suffer at all from having your email address known. Some would prefer their FirstName.LastName@gmail not be attached to their character. I don't mind giving them that right.
I'm out of this thread now. Those who are pleased to know, you're welcome. Those who inevitably react with "OMG MITHILEAKS", I'm not going to engage with because it would look too much like returning to the forums.
Mithridates VI
IMPSwarm Negative-Feedback
2034
Posted - 2013.07.03 10:45:00 - [4]
Fair enough if you want to edit out that bit, Eterne. Please also remove it from GLiMPSE X's post where it is quoted.
My feeling was that identifying the mail servlet gave as much useful info to a would-be attacker as that brief comment about the method, but I don't want to spell it out further than necessary if you think the post did that.
Mithridates VI
IMPSwarm Negative-Feedback
2036
Posted - 2013.07.03 10:48:00 - [5]
Jaqen Morghalis wrote: Maybe if you could explain how this grievous oversight and negligence on CCP's part might potentially cause me more than a slight inconvenience, I might share your concern over this "threat" to my personal security.
I'm not going to enumerate the possible attacks based on having the personal details and PSN login of another player because I don't want to give anyone any ideas. Sorry if that doesn't convince you, but I'm mainly looking to advise people who feel it significant.
Mithridates VI
IMPSwarm Negative-Feedback
2047
Posted - 2013.07.04 06:49:00 - [6]
CCP Stillman wrote: When we were made aware, we rewarded the reporter as per our PLEX for Snitches program. This is true.
CCP Stillman wrote: As a part of that, we no longer include the email which it's sent to as a part of the mail. Also, technical changes were made on the backend to prevent abuse of this at a large scale. We're still actively working with them to fix this issue fully, but this is not something that gets done overnight.
I'm glad to hear that something has been done to prevent large-scale abuse, but it's surprising to see that something like programmatically removing the email addresses from historical messages is not possible. If control over the content of an email is not made possible by hosting it in full, I'm afraid I don't see the point in the system used to host the messages at all.