Jump to content

Recommended Posts

Posted

NOTE: THIS IS NOT A "TEKKIT VS. FTB" THREAD PLEASE DON'T TURN IT INTO ONE

Those who use FTB might have already noticed this, but for those who didn't, there was a problem with the FTB launcher which caused Minecraft passwords to be publicly available. Details are here.

If you think you might be affected please go to Minecraft.net and change your password.

Posted

NOTE: THIS IS NOT A "TEKKIT VS. FTB" THREAD PLEASE DON'T TURN IT INTO ONE

Those who use FTB might have already noticed this, but for those who didn't, there was a problem with the FTB launcher which caused Minecraft passwords to be publicly available. Details are here.

If you think you might be affected please go to Minecraft.net and change your password.

...Why the heck would you post this here? Go to the FTB forums...

Posted

...Why the heck would you post this here? Go to the FTB forums...

This is a pretty big issue. Odds are that there are some FTB users that still lurk more around here than in the FTB forums. I think it would be safe to say that everybody who could be concerned should know about it.

Posted

This is a pretty big issue. Odds are that there are some FTB users that still lurk more around here than in the FTB forums. I think it would be safe to say that everybody who could be concerned should know about it.

But the issue only occurred on the FTB forums if you posted a log over there.

Posted

But the issue only occurred on the FTB forums if you posted a log over there.

if you posted a log anywhere from the FTB launcher it occurred, it sounds like. this may not be the FTB forums, but with an issue like this you can't have too much coverage when you're trying to get the word out. account security is serious business, even in minecraft.

Posted

As far as I can make out the only people affected are those who pasted an error to pastebin (edit: or anywhere) concerning failed login and such fro the console.

Regular users of FTB launcher seem to be unaffected. That said though It's never a bad thing to change you password now and then anyway.

Thx for the heads up lordlundar.

Posted

But the issue only occurred on the FTB forums if you posted a log over there.

My understanding was that your personal information was inadvertently recorded in your launcher log due to a bug. Say, if you copy-pasted this log, your account could be easily pirated by someone aware of the bug.

So, let's say Bobby makes a bug report on the FTB forums.

He keeps playing FTB, but doesn't really go in the forums, he's more on the Technic forums.

His account could have been hacked, and he wouldn't receive this warning.

Posted

Fair nuff. Re-reading my response is likely going to be read with a more serious tone than I meant. Sorry about that, and I agree it is important to get this out.

Again, we need a bashful smiley...

Posted

this thread seems like its very well behaved given the subject in question, lets just hope it stays that way.

on topic, im glad this is pasted in many places, give people the chance to know about it, and do something about it. I have to say well done to the FTB team for not just hiding away from the issue, and possibly causing their users some very serious issues. they have it out in the open and give people the chance to fix it, this is the way it should be done IMO.

Posted

I play on a tekkit server. But I have tried out the FTB launcher and several of it's packs and maps.

And I would hope that anyone who has passed an opinion on it has tried it too.

Last time I checked we are part of the minecraft modded community. (Even if we are the ones people cross the street to avoid.)

When stuff like this happens info needs to flow freely and rapidly. No one wants the repeats of big company names sitting on info like this for weeks.

Thankfully people have learnt from the mistakes of others about keeping this sort of thing quiet.

Just one thing though. It say's an earlier version of the launcher was responsible for this.

I am pretty confident they acted quickly, but would in these situations always prefer to know when this happened.

But I appreciate a post was probably put together in a hurry and such info was not left out intentionally.

Posted

looks like they worked fast to resolve the issues

EDIT: we have contacted pastebin and got all pastes removed with the passwords in. hopefully there should be no issues of someone stumbling upon it accidentally
Posted

unless they used pastie, or any number of other pastebin type websites.

i believe the main problem was that their launcher has a "post to pastebin" button, so a lot of people pressed it, but i could be wrong, and they could have removed that in a recent version

Posted

i believe the main problem was that their launcher has a "post to pastebin" button, so a lot of people pressed it, but i could be wrong, and they could have removed that in a recent version

ah, I see. still, the majority != everyone

Posted

i very much agree, i also agree that it should not have happened under any circumstance, and im not defending what they did, but i am gonna defend how they handled it, they got it sorted quickly and alerted their users, and did everything in their power to try and remove the records from the internet.

i fail to see how much more they couldve done (except not let it happen, obviously)

Posted

i very much agree, i also agree that it should not have happened under any circumstance, and im not defending what they did, but i am gonna defend how they handled it, they got it sorted quickly and alerted their users, and did everything in their power to try and remove the records from the internet.

i fail to see how much more they couldve done (except not let it happen, obviously)

I am pretty sure they sorted it quickly as well... But in truth none of us know that for sure, as none of us know when this happened. All we know is "an earlier launcher" was responsible.

Not trying to make something out of nothing here but for all we know an earlier launcher could of been weeks ago. (not that I think it was)

This is why I think it's important to give a full timeline when announcing things like this.

Example: Is someone who made a paste of a login error 10 days ago at risk or do they have nothing to worry about ? At the moment such speculation only exists because of lack of an honest timeline.

As I said in a previous post I don't think that info was left out for any sinister reasons but I think it's valid information.

Edit: the quote actually says "recent" rather than "earlier". But my point still stands.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...