MOA Forum Hacked?

Bob, we have been working today to clean up the mess. Can you tell me if you were trying to change your password here, in the forum, or over on the club's main site, under Account Management? Thanks!
 
There's a lot going on behind the scenes. Yes, just about everyone was "locked out" for a bit. There are some software upgrades going on and stepping through those takes quite a bit of tweaking. We were stable with the forum software for some time but because of the hack into the database last month, the decision was made to move the forum versions along to try and take advantage of new security patches, etc. Being that this is above my understanding of how forums/software works, that's about all that I know.

Hang in there, things will get better!
 
Darryl,
I was in account management. I just logged on again and was able to change it. Thanks to all of you behind the scenes for the hard work.
 
Hacking

I am more than a little incensed at how this is being handled by the organization. I would expect a full responsible accounting of what is going on and not have to go to a forum to find out what others think is going on.

Very poor management. Is this a cover up?

This is probably the first time I have thought of quitting the Club. Right now I feel as much a member to the BMWOA as I feel being a member of Costco.
 
I am more than a little incensed at how this is being handled by the organization. I would expect a full responsible accounting of what is going on and not have to go to a forum to find out what others think is going on.

Forum Liaison DarrylRi posted this thread (http://forums.bmwmoa.org/showthread.php?t=58115) soon after the intrusion was discovered. This isn't about "what others think is going on," but what BMWMOA thinks is going on. It seems quite reasonable to me.

Very poor management. Is this a cover up?

YMMV. Mine is they're doing pretty well here. I like the distinction between the first thread (what happened) and this one (what everyone thinks).
 
Good morning,

Cover up? What's to cover?

Here's the issue as I see it.

Background: The MOA runs a membership e-commerce system. These systems are very expensive (think six figures) and take a ton of time to implement. The MOA invested the time and effort to get the member database integrated with a system that allows us to preregister for the rally, join, renew and buy some swag from the Country Store.

That's a HUGE member benefit that in this day and age the average user thinks should perform like a utility, i.e. always be there. I see this with IT at work because people have no idea what it really takes to "keep the lights on." Especially with regards to costs and delivery time.

Along the way we rolled out the forum using vBulletin. VB is recognized as one of the gold standards of forum software. It's run by many sites larger than this and some of the chartered clubs also run VB.

The challenge was and still is how do you maintain a member database for the e-commerce and have the same user id and log in work across the forum. The easy way out is to purchase the forum module from the e-commerce vendor but when you compare it to VB it is painfully bad.

The solution involves a custom interface between the two databases. This is not off the shelf stuff and it isn't something that some geek in a closet can do in a day, or perhaps even a week. IIRC the original interface took months.

As an admin of a VB forum I can testify that they offer patches and updates on a frequent basis. They are very quick to provide information and a patch on urgent security issues. They're so good that as a volunteer admin sometimes I have a hard time keeping up. That's because a good admin doesn't just load patches willy-nilly, first the DB is backed up and the patch might even be run on a test system first. The MOA has very good VB Admins, sometimes I go to them for advice on my system.

The elephant in the room is the interface. Every patch and update to either system carries the risk that the interface will need to be re-coded. This is something that's much easier to deal with if it can be planned, tested and validated, vs being built due to a system down issue. Break fixing sucks.

So to sum it up, the MOA admin team is challenged to keep both systems current and the interface working just right; plus you've got 90 days until rally registration opens which is a big hit on the system. Because of the need to test and validate every patch it's completely understandable that they got caught by a hacker, the same thing happened to my board but as it's smaller I just took it off line for five days. Our admins don't have the luxury of being able to do that.

Ultimately what happened is someone got into the VB database and pulled out username, email (in plain text) and passwords (in hash keys). That's all they got.

What the admin team has been able to do is update the forum to the latest update for this version. This should have closed the leak. I'm willing to wager they're working on updating to the most current version which is a huge job, plus the user interface will change. If you want to see what it looks like check out the YB forum. It is also quite possible that they'll stay with this version as long as VB is supporting it; if I was running the show that would be a strong consideration, especially with rally registration coming up. At the very least I'd get the ball rolling on testing so the upgrade trigger could be pulled on my schedule, not some hacker's.

The worst thing that will happen to the users is more spam. If you use gmail, comcast etc chances are you won't even notice, it'll just be more load on their spam boxes. You should watch out for the ones that do get through, they will not be offering to grow your unit, they'll have a link that they want you to click.

These emails could even look like they came from the MOA with instructions to click here to update your personal information.

DO NOT DO THAT. :nono

There has been plenty of discussion on passwords and such, by now you really should have changed your password to something different but most importantly you should change your password on *every* site that you've subscribed to or made a purchase from using the same e-mail address you used here.

The other golden rule is never, ever check the box labeled "save information for later" or "save credit card". While it sounds convenient that's the info the hackers are always after.

So no, no conspiracy, but at the most technical level there is perhaps one or two people on the board and one or at best two people in the office who really understand how this works, the bulk of it is managing the vendors.

I hope this provides some understanding as to what is likely going on in the back room. No conspiracy at all. There's no need for an adversarial attitude either, folks that run services like this care more about performance and up-time than you do so calling them out or talking about cancelling your membership only adds to the acid in the gut. It will not provide any positive motivation for the guys in the trenches.
 
+1
 
Rather than mud slinging, we should all say a big THANK YOU to Kurt, Darryl, and Gary for working hard all week to contain and clean up the mess. Many on the forum have no idea how much clean up was necessary because these guys were on top of it.

Kudos to them!
 
:bow

Thanks to all involved and thank you Rob for the detail.
 
+1 in thanks for all the hard work that has gone into dealing with this.

As to mud slinging...one word - PARODY...even around here no one could be that clueless so it must have been a parody the rest of you did not understand.

Right?!? :brad

I would have said something sooner but I was too busy
:rofl
 
I am not sure if this is related but I thought I would post this in the event that others are seeing similar "probes" after the hacking incident:

  • I received a text on my cell from a number 92500 telling me that my Yahoo account had been modified to remove my cell number. (I never linked a cell number to my Yahoo account.)
  • There was a mysterious Gmail asking me about a cute kitten. This was followed by an e-mail from Rob Nye about spam.
  • I received a call on my cell from 406-530-5319 which I let roll to voice mail. I googled the number and found this thread in a google support forum http://www.google.com/support/forum/p/Places/thread?tid=4c9cd8606f1b4fa7&hl=en

I did not respond to any of these unsolicited messages but I was wondering if other members are seeing similar unusual activity. My goal is to determine if these incidents are related to the hack or if I have another security issue that is brewing.

Thanks,

dick
 
Dick,

I've only had one little glitch so far, and it was only an attempt by another "user" who tried to log in to my account here with another user name and login/password. Not sure if there was anything else out there as my AVG filter does regular scans and I've not been checking the results of that on a daily basis...though a few days ago it did isolate a number of suspicious files...

Cheers!
 
The cute kittens email was a result of the hack, they spoofed one of the addresses to make it look like it came from someone you know.

The text stuff shouldn't be related. Did you have your cell phone number in your MOA account profile (not forum but the rally reg side)?

The rest of this post is for all to consider....


As I mentioned previously this is what folks will need to be on the look out for; bogus emails trying to get you to click a link.


If your anti-virus software is a few years old it's time to upgrade.

I would also like to take a moment to mention that you can get FREE excellent anti-virus software from Microsoft. I figure that if anyone can handle keeping Windows clean it's Microsoft. Another huge benefit is it doesn't bog your system down like Norton.

So update your anti-virus software and watch out for suspicious emails, if it looks fishy chances are it is.
 
I'm going to add to this. If your anti-virus, anti-malware software is more than a few DAYS out of date, you need to update. Also, I'm going to disagree with Rob a bit: if Microsoft *really* knew how to keep Windows safe, they wouldn't have half the security problems they do. :stick

Microsoft Security Essentials is a good product for the price: free, but it's only available for Windows Vista or 7. According to a number of tests Norton Anti-Virus and Norton Internet Security Suite are toward the very top of independent tests. In my use of a number of different suites, Norton is almost invisible - it has technology that uses idle CPU cycles to do much of its work. No security product gives 100% protection from all the threats today: viruses, malware, root kits, etc. An "internet security suite" adds a better firewall, dangerous website warnings, email spam detection, and other features to the typical "anti-virus" package.

Yes, you do have to pay for annual subscriptions for all the commercial products, but if you buy on sale, and get the multi-PC packages, you can get many of them for $20/PC/year - sometimes less. Just one nasty breach of your PC will cost you many times the full retail cost of any brand name security product.

Here's a pretty good article on security suites by PC Magazine: http://www.pcmag.com/article2/0,2817,2369749,00.asp. Unfortunately Windows Defender was not included in this test.

Here are their tests of anti-virus packages: http://www.pcmag.com/article2/0,2817,2372364,00.asp

And, an article on how to avoid scams: http://www.pcmag.com/article2/0,2817,2373975,00.asp

Think of a current generation security suite as ATGATT for your computer. :brow
 
P.S. AVG Anti-Virus Free 2012 has tested very well for malware, rootkits, and scareware. Key word here: free.
 