January 18, 2012 - 3:22am
Quietly and without ever admitting the problem, Microsoft has fixed the Xbox.com security loophole that allowed hackers to use brute force attack to find out Xbox LIVE usernames and passwords.
The site's front end hasn't changed but it has changed the way it processes login requests and implemented a server side mechanism that refuses logins after about 20 failed attempts.
Comments
Goodbye
For these sorry excuses for articles I say goodbye to you Megagames. Take care.
And Microsoft loves you to!
And Microsoft loves you to!
I like Megagames
You scum bag, no one will miss you. I like the Articles on this damn site. Off with your head. After all who can deny MegaGames is the only site who cares about it's viewers. We begged and begged for years to get rid of the Gay Captcha and guess what, MegaGames listened. They replaced it with a Less gay Captcha. Now what other Game site would have done that.
I love you MegaGames.
Of course, you are the king
Of course, you are the king of universe everything exists only to please you, your tastes are obsolete and none can say otherwise, you are free to punish us as you wish but please don't leave us.
So you say Microsoft can do
So you say Microsoft can do no wrong? wow!, you are really in denial.
Thank you... won't be missing
Thank you... won't be missing you tho. Take care.
of course the only reason to
of course the only reason to go to megagames is for the articles...
lol
Nice!
The issue isn't the brute
The issue isn't the brute forcing, its the sheer fact that this happened at all. A company such as Microsoft with its vast capabilities should be more than capable of preventing brute forcing at all entry points of their servers. They over-looked a very simple thing that could have easily been avoided. This isn't the first time Microsoft has goofed up. I do feel they should at the very least just own up to their mistake.
I don't see why companies
I don't see why companies feel the need to not own up to their short comings. It's sad that honesty doesn't exist in this world any more.
Meh
If they did that would you buy more products from said companies? Nice slice of logic!
Oh come on megagames, this is
Oh come on megagames, this is garbage! ANY SITE CAN BE BRUTEFORCED, what a load of crap.
"ANY SITE CAN BE BRUTEFORCED"
"ANY SITE CAN BE BRUTEFORCED" - Nothing could be further from the truth. Bruteforce is the most crude form of hacking, a simple way to prevent it is to limit login to 3 attemps (reset the attemp counter after x hours), fail all 3 and you're forced to change your password via e-mail link/confirmation. Due to user convenience captcha systems are now being favored but still, bruteforce is easy to beat because it requires several tries per second to be effective.
if you want news go buy a
if you want news go buy a f**cking newspaper,if you don't want to, shut the f**k up
Guess you've never heard of
Guess you've never heard of tarpitting.
Geesh
About time......
Add new comment