Another Theft...fml
Dade Pendwyn
Canadian Conduit - Presidential Address #2
Yesterday the Canadian National Defense was compromised, and an estimated value of over 10,000 CAD was stolen, including over 3000 guns which are now being flooded onto the market.
Someone shoot me.
http://4.bp.blogspot.com/_WsE6M_RjBIY/SeAtsfVcX6I/AAAAAAAAUs8/c1a7R_DxMi0/s400/sigh+charlie+brown.jpg" />
Before you take out your pitchforks and scream "bloody insecurity", please hear me out. I can assure you every effort had been made by the current administration to keep our funds as-safe-as-freaking-possible. I changed the CND email and I am the only one with access to it, and Ramizeth, Chucky Norris, and myself were the only ones who had access to a complex password which was changed when I took office. So, let me backtrack and explain how we got to this point.
My first week as President started off on a rocky foot because there was no outgoing President to hand me the "keys" to the nation. Additionally, I inherited the problem of 2600 gold being inaccessible due to the previous administration losing the password and email, as well as the problem of two government orgs having their password changed before I took office. Thankfully, the last problem took care of itself as the person who took over the government orgs was not a sabateour so much as someone wanting to make an example of the previous administration for the benefit of future administrations. Of course, I had full intention of changing all government org passwords as soon as elected, but it further reinforced in me the notion that security is of utmost importance.
So, I spent the first week running around harrassing people and getting every single password for all government orgs, then ensuring that these passwords were changed and that only I and the minister in charge had these passwords. I am currently in the process of hunting down the previous email-owners of all the orgs so I can also change the emails of all these orgs. Obviously, I am borderline paranoid when it comes to the security of my government's organizations.
http://i47.tinypic.com/2meqsg3.gif" />
And yet, here I am, announcing to eCanada that cash and guns have been stolen from the Canadian National Defense organization. There are only 3 ways this could have happene
😛
Possibility 1: The money and guns were stolen by one of the three people who had access: Myself, Chucky Norris, and Ramizeth.
Chucky and Rami have both had access to fund pools much larger than this, and they have been trusted members of the government for months. They are 100% trustworthy andI would wager my first-born child against anyone who wanted to suggest that either one of them are responsible.
As for myself, I can reassure my citizens that I, too, had absolutely no part in this theft. If the people don't want to take me on my word, I'm more than willing to provide any information whatsoever, including screenshots or allowing somebody to remotely take over my computer and check anything on here that they wish. Frankly, I'm not willing to betray my country for 10,000 CAD (or any amount of money for that matter), and I'm disgusted, yet not surprised, that somebody did this.
You can rest assured that this money was not taken by myself, Chucky or Ramizeth.
Possibility 2: Somebody hacked directly into the account.
This is unlikely, due simply to the strength of the password, but certainly not impossible. As the only person who has access to the email to which the account is tied to, I can confirm that the email was not used to compromise the CND. However, it's certainly possible that somebody somehow directly hacked into the account. If this is the case, there's nothing we could have done or could do in the future to prevent this.
Possibility 3: Somebody hacked into a line of communication to steal the password.
This is the most plausible. It's likely that somebody could have hacked into a line of communication between either Chucky and myself or Chucky and Ramizeth and used the password to compromise the organization. The key then is to determine how this happened and who did it.
http://i47.tinypic.com/2meqsg3.gif" />
This is a failure of security and I do apologize. However, please be certain that this failure was not due to lazy administration or a lack of consideration for the security of your government organizations. We have done everything possible to make sure nothing like this would happen, and yet it did anyway. I am, as I'm sure you can imagine, pissed.
And for those of you who think the sky is falling, rest assured that the amount of money taken was not catastrophic by any means. It works out that around 10% or less of the CAF's monthly budget was taken, so we won't be crippled in any respect by this. Several tickets have been opened with the admins but nobody is holding our breath that will get anything back. The real tragedy here is that somebody would be willing to put this much effort into trying to sabotage the country; the biggest hit will come to gun business owners who are finding the prices of guns plumetting as the thief releases the stolen guns onto the market.
On that note I would like to urge all eCanadians to avoid purchasing guns from the Ultimate Armoury company. The owner of this company and the Robotic Constructions org is the thief. Do not buy from this company no matter how low he makes his prices.
I have put every possible effort into improving the security of the administration, and yet this has happened anyway. Though I'm running out of ways to do so, I will continue to tighten security wherever possible. The eye is watching.
http://www.newscientist.com/data/images/ns/cms/dn9951/dn9951-1_300.jpg" />
On behalf of an exhaused an infuriated executive, I'm sorry.
http://img217.imageshack.us/img217/3982/dadependwyn.jpg">
Comments
Oh crap! Dude that sucks 🙁
Oh crap, this sucka 😕
I am ashamed that this happened under my watch and I'm doing everything I can to make sure we are going to get back the money, if any concerned citizens have questions, feel free to pm me for more explanation and I will tell you everything I can that is not too sensitive while the investigation is in the process.
owned
Vive le France!!
not good.
*sigh* 😞
Doesn't look good Dade. I suggest you get the opinion of the admins on this pronto, otherwise you're left standing in the wind with just a series of hypothetical probabilities and no concrete way to allay people's concerns.
As you go forward, be open. Be stupidly open. Let the people know what's going on, as it's going on - who is doing what. If you stick to transparency and accept responsibility, the worst case scenario still has you coming out in a respectable fashion.
Well, remember it was Chucky's MoCD who hijacked the CND several months ago and "re-distributed" around 4300 CAD to various Canadians (including 69 cents to Scorpius). How can we be sure he's innocent?
I feel bad for the gun company owners in Canada. It was hard enough to make profits before, it will damned near impossible for the next little while.
should consider encrypting the keys when passing them around. Making highly obfuscated passwords and transmitting them plain text actually makes it easier for sniffers than using something like 'password' for the password.
might also be a good idea for you guys to have your systems scanned. If there's a keylogger on your computer, changing the passwords wont help at all, and every org you log into can be lifted at will.
the admins better F'in start admining, this money represents peoples time they spend in the game, aswell and more inflaming, acual money spent buying thier gold packs...for those that do. If its not a PW issue and its a erep secrurity issue, than its THIER issue, especially when you know who it is and thiers a zombie filled company with over 4000 Q1 gunz in it, GL to the Q1 gun companies until this is dealt with.
pwned 🙁
dam hackers
So many holes in this game. It sucks to hear all that work trying to patch possible leaks still leads to this.
@temujinbc
You we're that MoCD that redistributed money to various canadian, let's not mix thing here please...
Yet another DAL blunder *sigh*
jkjk
if it was a erep exploit, then why is it not happening to every company.
like dade said himself, bad handling of passwords is more likely to blame than an exploit.
When Pimp and Tem do it, it's a national crime.
Now it's an "aw shucks, don't buy from this company?".
^
No mixing things required, Chuck. I'm always honest o7
Except when I'm not.
Fortuntely The Government of eCanada still has 3700 CAD in it. Bummer that no seems to have the password though...
Addy, make no mistake, this is a national crime. We just don't know who owns the org that stole it...yet.
Do not click on links in comments. Theft might been committed through it.
Addy please...lets get real. This IS a National crime and if you CAN tell me who the hell the owner is then I am sure we can see justice is done both by the admins and the courts you profess to hate.
Stop trying to spin this into a DAL vs CPF side show...its both old and boring.
With the two cases you KEEP harping on, we KNEW who the culprits were...in this case, I have NO idea who the owner of this damned org is.
Put your money where your mouth is and do something constructive...like helping us GET justice!
There won't be any justice here, because the person who owns that org will never reveal themself. The only hope is the admins ban the org for illegally obtaining properties.
But, if he used the password to access the org... how was that illegal?
Somebody spent gold creating ads trying to attack me and linking to this article...lol. Somebody's wasting their money 😛
And for those of you who didn't read the article: I changed both the PW and email of CND, but the money was lost anyway. If you'd like to suggest what else I could have done, please don't hold back.
Several accs were hacked in eRussia too.
I'm nearly sure, that it was made through links in comments/shouts.
I'll be honest.
I don't really like Dade. I'm not a fan of Chucky. I don't even know this Ramizeth fellow.
Despite all that, I don't blame either of the three and nor would I question their allegiance to Canada.
At the end of the day, there is just too much stock piled away, too much gold and CAD socked away and too many different orgs and passwords to be kept track of
The bulk of eCanada's wealth should be kept in a much smaller circle
I was about to suggest just what Rolo said.
Make 1 group of orgs, call it the National Bank of Canada or something. 2 people with the password, the CP and an exchequer. Store all gold and CAD there. It's a hassle to have to clear everything through someone else like that but this is a worse alternative.
If it was hacked? Then stop clicking on links with government orgs. :/
Tabarn*k!
Malgré toutes les tuiles qui nous tombent sur la tête, merci de ta transparence pour tenir au courant les eCanadiens, Dade.
NEIN! NEIN! NEIN!
The reason the money is distributed in so many orgs is so that is a breach occurs, the damage is limited. Imagine if this had occured and the CND had 1000 gold, 25,000 CAD, and five government-run companies?
open and accountable. nice leadership dade.
Who are Frams accomplices? They are still around picking what they can.
This is unfortunate. 🙁
the government should subsidize canadian gun companies for officially killing the market
Lol eCanada is FAIL FAIL FAIL!
😛
Tem's got a point. If we had a smaller circle of orgs this would have been much worse. Additionally, if I hadn't ensured all orgs had changed passwords (i.e. all those 6 month old pw's) we could have lost much more...100k-200k
If anyone should be pissed off about this is me. I have been one that had control of this org for the last 10+ months and have personnally taken it upon myself to increase the stockpile of the weapons company since those early days. I probably made 25% of those weapons myself over those months working for just enough to buy me food.
And to see it stolen in a minute puts a bad taste in my mouth. I too have put in a ticket to at least get back the weapons company with as may of the Q1s still within its grasp. If admins care anthing about its honest player base they should help us out.
Petz, were you appointed the King of Greedy recently?
You have several compeating companies and after this theft of government funds you have the nerv to ask the government for MORE money?
that sucks. a lot of money. THEFT EVERYWHERE!
Three crappy Presidents in a row from the same crappy party.
Time for a change in leadership Canada
^ The cpf is no better if that is what you suggest.
You need a President from the UN to end the fail!
END THE STATUS QUO!
Revolution! \o/
Someone made attack ads against Dade?
Let me guess...
Green Hawk? Blames this on DAL, because Chochi wouldn't let him run for Congress. (Note Greenhawk's latest shout: "chain shout: Buy guns from ultimate armoury. They are not thieves who did not steal the product they are not selling! please do not reshout!"😉
Or PimpDollaz, who deduces that because someone hacks into an org, that makes Dade a crappy president (and DAL a crappy party). Nevermind that PimpDollaz himself, was caught holding stolen property, and banned from the eCanada forums at one point in time.
And oh jeez - Octavian is back. Why not make it a trifecta.
Citizen B
Yes you're right Pimp, this is my fault because I didn't put a huge magical barrier around all the orgs.
I knew you'd propose impeachment at some point this term, I just didn't think so soon. I wonder what it's like to hate somebody over the internet for no reason? You'll have to teach me someday. 🙂
Oh hey guys Octavian is back! Are you here for good or did the Serbian PTO'ers give you a day off so you decided to come for a visit?
@CitB: GreenHawk's comment is such a blatant joke that it's unnerving someone would take it seriously.
As for Pimp, I can understand his anger. I don't blame Dade for this one but the last few months have been a very poor showing from the government. From trigger happy CP, ones who lose the initiative in a war and the inability to access/loss of 3k gold.
Mostly it's just bad luck. But this is just frustrating....
Yea this is the 4th or 5th time this has happened!?!?!, and it's always some hacker... blah blah blah... until erep gives us the tools to prove otherwise, it is always, and has alway been, one of the people with the passwords.
creative solution : buy the company a export license to eUSA and Poland and ask them to sell the weps there.
it might work....
also, the adds make you look better (makes you look like not only you want to admit whats going on. but make sure everyone knows about it, seriously thought you put them up.)
hopefully this is the only theft problem; and yeah i double commented