marahmarie: my initials (MM) (Default)

To protect the privacy of anyone affected by this, I'm not going to mention any of my contact names here (and I'm not going to email some of you to let you know, either, because you would be like "What?" and I don't feel like dealing with the attitude).

So...if you read my blog, or have read my blogs in the past, or if you know that I've read your blog(s) and we have corresponded in the past ("the past" meaning roughly 2004-2008) with an old email address of mine that starts with the letter "a" (I only had one that starts with that letter, so it's not hard to figure out) my Gawker Media log-in was revealed on Pirate Bay in the attack a few weeks ago, and that email account, which was tied to my Gawker log-in, has most likely been hacked (I cannot get into it anymore, and a certain Yahoo rep will not let me reset my password).

I've been sporadically (when I have time) freezing this email address every 12 hours by deliberately exceeding my password reset limits, but that only goes so far, especially if my email account has already been broken into. Just a sort-of friendly heads up - *shrugs* - there's not much else I can do, except try to warn folks. And by "sort of", I mean I wouldn't wish a privacy breach of this magnitude on my worst enemy (what the hell - you know who you are). I just wouldn't.

OK, now that the "personal" part of this entry is over, I can go back to being a normal writer...tonight [personal profile] madgravity gave me this link to a widget that you can check to see if your Gawker account and/or email has been "compromised" test results were, indeed, double-positive. More on how the cryptography behind the Gawker Media password release works here (if you're into that sort of thing....I find it fascinating, but it may put you to sleep).

Oh, and Reading List, don't be surprised if I start locking more old and new posts to Access-only (but if that becomes the case, I will probably grant nearly everyone on my list complete access - I may not decide until next year, which is only a week or so away)...stuff like this is kind of starting to freak me out.

marahmarie: my initials (MM) (Default)

Seriously, change your passwords. Now. I will grumble about this forever since my password for Gawker wasn't auto-generated by LastPass, the last password manager I will ever need, and the one I usually use to create my passwords. Just my luck. Which, as usual, is rotten.

The non-auto-generated password I chose for Gawker (I've already changed it, but it's too late) was *tries not to scream while writing this* similar enough to passwords I use in at least three other contexts (I'd name them, but my password is now sitting in a publicly available text file, so never mind) that now I must change those, too.

I understand the hacker was pissed at Gawker for allegedly taunting hackers in general, but big deal: why does my password now have to sit in a publicly available text file with thousands of other people's passwords on Pirate Bay? Is there a fucking reason for this?

Is it supposed to make commenters like me enjoy Gawker less or distrust Gawker more? It will do exactly the opposite on both counts, because I'm fucking infernal like that.

Did I somehow piss the hackers off? No. Did any of the other Gawker users? Most likely not. So what was the point? To piss Denton off? Come on, he's probably flattered anyone went to the trouble.

There's hacking, which is not only useful, but also the entire point of open source - to protect us from obscure holes by exposing and patching them for the sake of the community - then there's l33t hckrs (oh, btw, go back to your fucking basements), who are just wasting everyone's time and compromising the sanctity of god knows how many sensitive online accounts to prove a point - to Nick Denton? - not so useful, seriously! Screw this shit.


Or else get stuck trying to figure out this bullshit - the choice is yours.