_GOTOBOTTOM
Site Talk
Site announcements, comments, or feedback about the site.
Alert for all Users - Security Breach..
jimbrae
Visit this Community
Provincia de Lugo, Spain / España
Joined: April 23, 2003
KitMaker: 12,927 posts
Armorama: 9,486 posts
Posted: Friday, January 13, 2006 - 06:43 PM UTC
For those of you who have accounts both here and Track-Link , it would be advisable to change your passwords IN CASE YOU ARE USING THE SAME ONE ON BOTH SITES!!! ... The reason for this warning is the following:

Last night, Paul Owen , the owner and operator of Track-Link signed onto Armorama using MY Account and Password and left a message.

Now, it wasn't anything offensive, simply his (perverted) idea of a joke. He has tried since, to cover himself by making a claim thet it was done to 'highlight' security lapses.

What it actually was was a total breach of trust. Anyone who has their passwords in T-L, obviously can expect them to be used by this charming individual.

Simply put, CHANGE YOUR PASSWORDS NOW!!! also pass the word, it is doubtful that Paul Owen (after last night's incident) can be trusted with YOUR details. You have been warned!!!!..Jim
Marty
Visit this Community
Massachusetts, United States
Joined: June 16, 2002
KitMaker: 2,312 posts
Armorama: 1,054 posts
Posted: Friday, January 13, 2006 - 07:00 PM UTC
Definitely not cool! What was he thinking? Also, why are the passwords visible in his user database? That's just poor programming.
Teacher
Visit this Community
England - North West, United Kingdom
Joined: April 05, 2003
KitMaker: 4,924 posts
Armorama: 3,679 posts
Posted: Friday, January 13, 2006 - 07:02 PM UTC
Martin, if there is anything he is NOT, then it's a poor programmer. Hence he wanted to see the passwords. Draw your own conclusions, but I wouldn't trust him as far as I could kick his ass.

Vinnie
Mojo
Visit this Community
Ontario, Canada
Joined: January 11, 2003
KitMaker: 1,339 posts
Armorama: 637 posts
Posted: Friday, January 13, 2006 - 07:04 PM UTC
Has he, or will he be banned from here?

Dave
mongo_mel
Visit this Community
Pennsylvania, United States
Joined: June 04, 2002
KitMaker: 1,580 posts
Armorama: 0 posts
Posted: Friday, January 13, 2006 - 07:10 PM UTC
Thanks for the warning.
What an unbelievable breech of trust!
Craig
tankysgal1
Visit this Community
Nebraska, United States
Joined: January 28, 2004
KitMaker: 1,430 posts
Armorama: 0 posts
Posted: Friday, January 13, 2006 - 07:18 PM UTC
Jim..thanks for the heads up...I can't believe that the owner of the site..above all people..would do such a thing. Wayyy not cool...
EasyOff
Visit this Community
Massachusetts, United States
Joined: January 20, 2005
KitMaker: 926 posts
Armorama: 356 posts
Posted: Friday, January 13, 2006 - 07:24 PM UTC
Let me get this straight, do we need to change our passwords here if we're not members of Track Link?

Erik67
Visit this Community
Buskerud, Norway
Joined: July 31, 2005
KitMaker: 1,871 posts
Armorama: 1,423 posts
Posted: Friday, January 13, 2006 - 07:24 PM UTC
...and by a simple push on a button Track.Link is not in my favourites anymore... Goodbye, Mr. Owen.

Thanks for the warning, Jim.
Sabot
Joined: December 18, 2001
KitMaker: 12,596 posts
Armorama: 9,071 posts
Posted: Friday, January 13, 2006 - 07:35 PM UTC

Quoted Text

Let me get this straight, do we need to change our passwords here if we're not members of Track Link?

No, at least according to his post, there are members at both here and TL that use the same/similar username at Armorama as they do at TL. These folks are also using the same password for both usernames. You should not have a problem if you do not have a TL account or if you use a different password.

He can see their TL password and he tried someone's TL password with their Armorama username. It worked, but I think it will do eventually more harm to his site than good. He's shown that he can and will access personal information for his own purposes. He's broken the trust between users and site administration.
Tony_Frey
Visit this Community
Missouri, United States
Joined: May 03, 2003
KitMaker: 272 posts
Armorama: 142 posts
Posted: Friday, January 13, 2006 - 07:41 PM UTC
He has the gall to post this on his forum:

Subject: Passwords and inter-site Security Locked
Date: Jan 13, 2006
From: Paul A. Owen
I just found out that some of you guys are using the same passwords for various web-sites. This is not a very good practice since naughty administrators can log in as you on other sites. It's actually a common problem.

Just to let you know how serious of a problem this is... have you used the same passwords that you use for PayPal, EBay or your bank...? Changing someone's forum messages is one thing, draining someone's bank account is another matter.

So, if you are doing this it may be a good idea to change your passwords to something different.

Paul.

keenan
Visit this Community
Indiana, United States
Joined: October 16, 2002
KitMaker: 5,272 posts
Armorama: 2,844 posts
Posted: Friday, January 13, 2006 - 07:45 PM UTC
Quote from some nameless website's terms and conditions page:

"Registration and Password
You are responsible for maintaining the confidentiality of Your personal information and password. You are responsible for all uses of Your registration, whether or not authorized by You. You agree to immediately notify Track-Link Web Site of any unauthorized use of Your registration or password."

Wow,

Shaun

EasyOff
Visit this Community
Massachusetts, United States
Joined: January 20, 2005
KitMaker: 926 posts
Armorama: 356 posts
Posted: Friday, January 13, 2006 - 07:49 PM UTC
Thanks Robin. Just to be safe, I changed it anyway. It was painless and quick.
Salvo
Visit this Community
Armed Forces Pacific, United States
Joined: August 14, 2005
KitMaker: 311 posts
Armorama: 182 posts
Posted: Friday, January 13, 2006 - 07:50 PM UTC
I am not sure, but I think you could report him to someone for tampering. That would be considered hacking. IF he uses his database to gain login ID's and passwords then he could very well access other sites you are registered or use your credentials to creat an account at a porn site or something. I guess you could consider it a type of identity theft. Anyways make sure you protect yourselves.

Cheers,

Salvo
Teacher
Visit this Community
England - North West, United Kingdom
Joined: April 05, 2003
KitMaker: 4,924 posts
Armorama: 3,679 posts
Posted: Friday, January 13, 2006 - 07:55 PM UTC
Maybe a Canadian member should report him to RECOL?

Vinnie
Kelley
Visit this Community
Georgia, United States
Joined: November 21, 2002
KitMaker: 1,966 posts
Armorama: 1,635 posts
Posted: Friday, January 13, 2006 - 07:56 PM UTC

Quoted Text

Martin, if there is anything he is NOT, then it's a poor programmer. Hence he wanted to see the passwords. Draw your own conclusions, but I wouldn't trust him as far as I could kick his ass.

Vinnie


Couldn't have put it any better myself. I've never thought too highly of his site or the individual after numerous comments here and elsewhere he has posted in the past, this just cements it. Now I'm really glad I'm not a TL member.

Mike (waiting eagerly for Mr. Owen's next flippant post/remark)


generalzod
Visit this Community
United States
Joined: December 01, 2001
KitMaker: 3,172 posts
Armorama: 2,495 posts
Posted: Friday, January 13, 2006 - 08:04 PM UTC
I just gotta wonder why he is doing this I've never seen him do something stupid like this
Spades
Visit this Community
California, United States
Joined: February 08, 2003
KitMaker: 776 posts
Armorama: 477 posts
Posted: Friday, January 13, 2006 - 08:24 PM UTC
Done, both with my password and his site.
jimbrae
Visit this Community
Provincia de Lugo, Spain / España
Joined: April 23, 2003
KitMaker: 12,927 posts
Armorama: 9,486 posts
Posted: Friday, January 13, 2006 - 08:25 PM UTC

Quoted Text

I've never seen him do something stupid like this



Hmmm. You should have seen some of his other antics....Jim

Jacques
Visit this Community
Minnesota, United States
Joined: March 04, 2003
KitMaker: 4,630 posts
Armorama: 4,498 posts
Posted: Friday, January 13, 2006 - 08:32 PM UTC
Hey Now, just to be fair, Canadiens, like us Minnesotans, are of a completly different breed and tend to think differently from all you "warm weather" folk.

However, while the point of his argument is probably from the best of intentions, this is definately NOT the way to go about doing things. He has been paranoid about his site security for a while...I wonder if this is an effect of that?

Regardless, we now have model site wars on the internet...just great.
Ripster
Visit this Community
Wien, Austria
Joined: June 01, 2005
KitMaker: 970 posts
Armorama: 0 posts
Posted: Friday, January 13, 2006 - 08:33 PM UTC
He actually raises a good point about not using the same password in several different places (something I'm guilty of, and probably a lot of others too...)

But logging into someone else's account and posting messages? DEFINITELY not the way to highlight the issue!
jimbrae
Visit this Community
Provincia de Lugo, Spain / España
Joined: April 23, 2003
KitMaker: 12,927 posts
Armorama: 9,486 posts
Posted: Friday, January 13, 2006 - 08:36 PM UTC

Quoted Text

However, while the point of his argument is probably from the best of intentions, this is definately NOT the way to go about doing things. He has been paranoid about his site security for a while...I wonder if this is an effect of that?



Three senior Staff-Members on THIS site, have been the subject of his attacks on repeated occasions. There is no evidence whatsoever that he is doing this in an 'altruistic' manner. It is breach of trust - pure and simple...Jim
Tarok
Visit this Community
Victoria, Australia
Joined: July 28, 2004
KitMaker: 10,889 posts
Armorama: 3,245 posts
Posted: Friday, January 13, 2006 - 08:38 PM UTC
Wow! What an unbelievable act of betrayal of trust and faith in site and systems administration. OMG, if something like that was ever done by someone in my company it would be immediate grounds for dismissal. If we did it on a client or even a competitors site, we'd have a law suite on our hands.

He may be a good or even great programmer, but he certainly isn't a good IT person - he appears to lack any sense of integrity.

Shame on you, Paul Owen, you are giving all us IT guys a bad name!!!!!!

Rudi

p.s. Jim Rae.... I must admit I thought it rather bizarre you saying PO was "a great guy too"....
Delbert
#073
Visit this Community
Pennsylvania, United States
Joined: October 05, 2002
KitMaker: 2,659 posts
Armorama: 1,512 posts
Posted: Friday, January 13, 2006 - 08:49 PM UTC
Seems like Track-Link wants to become Hack-Link.

this seems like he might be tryiing to show off.. but Its the wrong way to go about it..
markm
Visit this Community
California, United States
Joined: September 11, 2005
KitMaker: 1,757 posts
Armorama: 1,148 posts
Posted: Friday, January 13, 2006 - 09:00 PM UTC
This guy sucks-especially after the crap he pulled with the post in his forum that someone here found the other day. By the way, does anyone know if he has any connections with any places that we might make purchases from? I just want to know who not to do business with.

AH-He's probably married to his sister anyway
gcdavidson
Visit this Community
Ontario, Canada
Joined: August 05, 2003
KitMaker: 1,698 posts
Armorama: 1,563 posts
Posted: Friday, January 13, 2006 - 09:11 PM UTC
what an incredible breach of trust. I see that Owen is resorting to his old antics and his hackneyed defence of "It was only a joke" , an excuse he frequntly trots out when his malicious behaviour is brought to light.
 _GOTOTOP