Just got logged in automatically as another user? Page 2

  • Page

    of 3 First / Last

  • graysonavich 17 Jun 2013 10:10:29 7,309 posts
    Seen 6 days ago
    Registered 4 years ago
    Take the hint.
  • Deckard1 17 Jun 2013 10:10:43 27,037 posts
    Seen 3 minutes ago
    Registered 5 years ago
    IT'S THE FEDS
  • AcidSnake 17 Jun 2013 10:17:15 7,212 posts
    Seen 11 minutes ago
    Registered 8 years ago
    Yeah, got logged out here as well...

    AcidSnake - He can't see your sig, avatar, images or vids and talks about himself in the third person because he's proper old-skool...UID 24017

  • Steve_Perry 17 Jun 2013 10:25:13 3,498 posts
    Seen 18 minutes ago
    Registered 2 years ago
    Sounds like an NSA operation. I better ring The Guardian.

    VIVA STEFANSEN

  • kalel 17 Jun 2013 10:38:08 86,239 posts
    Seen 32 minutes ago
    Registered 11 years ago
    It's very disconcerting every time I get logged out (which is frequently) knowing that it could be because someone else has logged in under my profile.

    This is a pretty major issue. Would be nice to know it's one that has been acknowledged and is being fixed given it's a security thing.
  • neilka 17 Jun 2013 10:41:49 15,619 posts
    Seen 28 seconds ago
    Registered 9 years ago
    Yewtree server raid I reckon
  • Deckard1 17 Jun 2013 10:42:57 27,037 posts
    Seen 3 minutes ago
    Registered 5 years ago
    I'm fairly sure Microsoft is to blame in some way.
  • DFawkes 17 Jun 2013 10:47:14 22,580 posts
    Seen 2 minutes ago
    Registered 9 years ago
    FRAUD ACTIONS! Though in all seriousness there are real legal implications on having a security flaw such as this. Not that I care in the slighest, I don't have anything I'd regard as secure on EG. If I did care I wouldn't be using the worlds least secure password. No, not "password" or "12345" or anything like that.

    I'd kick the living daylights out of the producers of Tipping Point - Ghandi

  • Deleted user 17 June 2013 10:47:55
    I've been logged out twice now, would be very amusing were someone to read my pms.

    Pretty major technical issue though?
  • BillMurray 17 Jun 2013 10:49:22 7,604 posts
    Seen 9 hours ago
    Registered 6 years ago
    Yup, got logged out here also.
  • nickthegun 17 Jun 2013 10:50:03 58,782 posts
    Seen 47 minutes ago
    Registered 9 years ago
    Choppi wrote:
    would be very amusing were someone to read my pms.
    Hairyarse pretty much tells us all what they say anyway.

    ---------------------------------------------------------
    He totally called it

  • DFawkes 17 Jun 2013 10:51:06 22,580 posts
    Seen 2 minutes ago
    Registered 9 years ago
    Don't worry folks, EG are registered with the ICO so will keep our information safe as houses :)

    Edited by DFawkes at 10:52:05 17-06-2013

    I'd kick the living daylights out of the producers of Tipping Point - Ghandi

  • graysonavich 17 Jun 2013 10:58:11 7,309 posts
    Seen 6 days ago
    Registered 4 years ago
    Oh noes PMs. Someone else could take advantage to all those Sony offers I get spammed with.
  • glaeken 17 Jun 2013 10:59:30 11,083 posts
    Seen 5 hours ago
    Registered 9 years ago
    It happened to me yesterday from my home machine. It logged me in as some user who had only ever made 1 post. Pretty weird.
  • Mr_Sleep 17 Jun 2013 11:11:43 16,838 posts
    Seen 23 minutes ago
    Registered 12 years ago
    I was logged out this morning as well.

    You are a factory of sadness.

  • Salaman 17 Jun 2013 11:12:44 18,836 posts
    Seen 1 hour ago
    Registered 10 years ago
    Booo. I was logged out and I was half hoping to land in someone else's account then.
  • mrpon 17 Jun 2013 11:12:58 28,402 posts
    Seen 2 hours ago
    Registered 8 years ago
    Also logged out.

    Give yourself 5 or gig, you're worth it.

  • Deleted user 17 June 2013 11:13:44
    yeah same here, but also my orange account too.. and my your oragne doesn't seem to work...

    /paranoid
  • TheSaint 17 Jun 2013 11:13:45 14,197 posts
    Seen 26 minutes ago
    Registered 9 years ago
    glaeken wrote:
    It happened to me yesterday from my home machine. It logged me in as some user who had only ever made 1 post. Pretty weird.
    How many have they made now?
  • glaeken 17 Jun 2013 11:17:53 11,083 posts
    Seen 5 hours ago
    Registered 9 years ago
    I failed to take advantage of the situation. I had no idea it was a general thing until I saw this thread. Actually I don't think I care enough about this forum to need to take advantage of temporary anonymity.
  • craigy Staff 17 Jun 2013 11:21:00 7,491 posts
    Seen 2 hours ago
    Registered 8 years ago
    Hello everyone,

    Apologies for the delay in responding to this thread. We've been looking into the problem and I can report the following:

    - During the Microsoft E3 livetext, our servers were under considerable pressure. We had a team on hand all night to tweak server configurations to keep the site working.

    - At one point a new Varnish (https://www.varnish-cache.org/about) configuration was deployed to our live servers which incorrectly supplied an authentication cookie for a single user account to all page requests. This meant several people were logged on as a single user named "BulletApe".

    - This problem was quickly spotted, and a new Varnish config was deployed to stop the problem from spreading to more users.

    - The issue affected any users who made page requests between 23:12 and 23:24 on 10th June. Everyone else remains unaffected.

    - This morning I decided to globally invalidate all active logins to force everyone out of the single account. This means you would have been logged out earlier this morning. Sorry about that.

    - The small number of users who were logged in as BulletApe had no access to his password, but could have edited his profile and posted as him.

    Obviously this sort of thing should not happen, and we're reviewing our live deployment process to try and catch this sort of mistake before it happens again. If you want any more information, please feel free to ask.

    Thanks, Craig
  • DFawkes 17 Jun 2013 11:24:21 22,580 posts
    Seen 2 minutes ago
    Registered 9 years ago
    Nicely done then Craigy, thanks for the info :)

    I'd kick the living daylights out of the producers of Tipping Point - Ghandi

  • neilka 17 Jun 2013 11:24:37 15,619 posts
    Seen 28 seconds ago
    Registered 9 years ago
    DAMN YOU BULLETAAAAAAAAAAAAAAAAAAAPE
  • monkehhh 17 Jun 2013 11:26:32 3,266 posts
    Seen 2 days ago
    Registered 6 years ago
    Thanks Craigy, group hug?
  • B0rked_Gamer 17 Jun 2013 11:26:37 2,480 posts
    Seen 6 seconds ago
    Registered 8 years ago
    Is this the real life?
  • neilka 17 Jun 2013 11:27:17 15,619 posts
    Seen 28 seconds ago
    Registered 9 years ago
    Wait, so who was glaeken logged in as?
  • Deleted user 17 June 2013 11:29:33
    I got logged in as someone else last week. Can't remember his name but it was 5 letters. BIAHB or something.
  • caligari 17 Jun 2013 11:34:12 16,986 posts
    Seen 4 days ago
    Registered 12 years ago
    I bring this up every year or so, but at the moment it's far too easy to change an account's password. You should at least need to know the original password - the change should then have to be confirmed via E-mail...or summink.

    Edited by caligari at 11:34:29 17-06-2013
  • graysonavich 17 Jun 2013 11:38:51 7,309 posts
    Seen 6 days ago
    Registered 4 years ago
    HairyArse wrote:
    I got logged in as someone else last week. Can't remember his name but it was 5 letters. BIAHB or something.
    REVAN?
  • Shikasama 17 Jun 2013 11:59:42 6,599 posts
    Seen 15 seconds ago
    Registered 5 years ago
    That BulletApe, what a japester. Maybe even a card.
  • Page

    of 3 First / Last

Log in or register to reply