I have to admit I spend half my time on steemit worrying that I am going to give out the wrong key or something. LOL. Iguess once you get passed that it is fine, we just all have to be mindful and ensure that we protect our accounts and be aware that not everyone is honest and fair. This is of course the same in the rest of our lives. There is plenty of spam/clickbait/scam/fake on facebook etc. and there are plenty of people out to make a buck at the expense of others out there in the real world. Good post @inventor16!
I think platform creators can block an account if there are violations from the owner of the record. This I observed on a similar platform, the Russian version of STEEMIT.
The hacker @accounttransfers had access to the account and modified the display name and about sections. What you seen there was not really indicative of a blocked account. I am not sure what they were trying to do.
Perhaps, they were not really prepared for the backlash of compromising a high profile account and were trying to "legitimize" their activity as a psuedo white-hat penetration test. Only problem is that you don't pen test without consent and legal contracts in a typical centralized organization so there are definately issues with the ethics of this individual in my humble opinion.
This was not a mere front-end compromise. It was a full compromise but @samhillstone's saving Grace was that he had powered up which requires time to convert to Steem. This allowed the account to be recovered before said hacker was able to steal the Steem. I do think he may have got his hands on the SBD but am not sure.
I am not aware of any mechanism for account suspension on the Steem blockchain but maybe the devs have some sort of method. I don't believe the account was actually suspended to be honest.
I think the hacker just made it appear that way so as to give the impression that the user was being penalized for their poor security practice as a smokescreen for what the hacker was really doing which is to buy time so he could power down.
That's what I believe happened and let, if so, glad it didn't work out. Nevertheless, it is a good thing, in a sense, as now security awareness is in the forefront of many a Steemians minds.
O wow, I never expected him to get his account back, he is lucky for sure! Glad he got it back though! I haven't read his entire post, but as I understand he did lose his master key to the person who hacked him. That's why I never expected him to get back his account. And yes, that does indeed beg the question how Steemit inc. was capable of getting it back on a decentralized system...
It doesn't make sense to me, I know steemit can recover accounts if they know a previous master key of the user within 30 days, but it looks like they shut the account down before they regained access?
Maybe there is a 30-day limit that they can recover it even when it has been changed by the one taking over the account. That's the only thing I can think off, it would be nice to have a clear answer on this though...
That's correct. You have 30 days to get account back, as long as you have a previous master key. But I'm just confused on how Steemit was able to block the account.
The same way they gave back the account? I mean once they give the account back to the original owner it seems only logical it gets locked till it's actually in the hands of the original owner. As I understand this 30-day policy of getting back your account means Steemit inc. gets hold of your account and gives it back to you (verifcating by the master key that you are actually the owner).
That might make sense that it was in transition of being handed back to the original owner. Would be good to get clarification from steemit or someone privy to it.
Just a question: Do you have some friends who would vote for me as witness... I really need it..I am not getting up the rank much... spend money for a witness server and hope to break even in some time...
no prob... thx for answering... hustling yeahhh. but not against every price... I dared to ask you.. why, because i think i could... will not bother you again
You have got a Random upvote of $0.06 from @trlotto. Free tickets are being distributed by @trlotto. Check out the details here. Get a chance to win SBD's
I have to admit I spend half my time on steemit worrying that I am going to give out the wrong key or something. LOL. Iguess once you get passed that it is fine, we just all have to be mindful and ensure that we protect our accounts and be aware that not everyone is honest and fair. This is of course the same in the rest of our lives. There is plenty of spam/clickbait/scam/fake on facebook etc. and there are plenty of people out to make a buck at the expense of others out there in the real world. Good post @inventor16!
Well said
I think platform creators can block an account if there are violations from the owner of the record. This I observed on a similar platform, the Russian version of STEEMIT.
What is considered a violation ?
I don't know how in STEEMIT but in russian version there are some rules. I can't find it now, but one account was bloked.
The hacker @accounttransfers had access to the account and modified the display name and about sections. What you seen there was not really indicative of a blocked account. I am not sure what they were trying to do.
Perhaps, they were not really prepared for the backlash of compromising a high profile account and were trying to "legitimize" their activity as a psuedo white-hat penetration test. Only problem is that you don't pen test without consent and legal contracts in a typical centralized organization so there are definately issues with the ethics of this individual in my humble opinion.
This was not a mere front-end compromise. It was a full compromise but @samhillstone's saving Grace was that he had powered up which requires time to convert to Steem. This allowed the account to be recovered before said hacker was able to steal the Steem. I do think he may have got his hands on the SBD but am not sure.
Yes I realize it was a full hack. My only question was how was the account suspended in a decentralized platform.
I am not aware of any mechanism for account suspension on the Steem blockchain but maybe the devs have some sort of method. I don't believe the account was actually suspended to be honest.
I think the hacker just made it appear that way so as to give the impression that the user was being penalized for their poor security practice as a smokescreen for what the hacker was really doing which is to buy time so he could power down.
That's what I believe happened and let, if so, glad it didn't work out. Nevertheless, it is a good thing, in a sense, as now security awareness is in the forefront of many a Steemians minds.
Well for now it seems good news to him and to get the answer i think we are gonna have to wait .
Yup
O wow, I never expected him to get his account back, he is lucky for sure! Glad he got it back though! I haven't read his entire post, but as I understand he did lose his master key to the person who hacked him. That's why I never expected him to get back his account. And yes, that does indeed beg the question how Steemit inc. was capable of getting it back on a decentralized system...
It doesn't make sense to me, I know steemit can recover accounts if they know a previous master key of the user within 30 days, but it looks like they shut the account down before they regained access?
Maybe there is a 30-day limit that they can recover it even when it has been changed by the one taking over the account. That's the only thing I can think off, it would be nice to have a clear answer on this though...
That's correct. You have 30 days to get account back, as long as you have a previous master key. But I'm just confused on how Steemit was able to block the account.
The same way they gave back the account? I mean once they give the account back to the original owner it seems only logical it gets locked till it's actually in the hands of the original owner. As I understand this 30-day policy of getting back your account means Steemit inc. gets hold of your account and gives it back to you (verifcating by the master key that you are actually the owner).
That might make sense that it was in transition of being handed back to the original owner. Would be good to get clarification from steemit or someone privy to it.
Mysterious...
This is way beyond my technical knowledge, but will be interested in seeing the full story here should it ever come out
Cheers
my 100% upvote on the question... how is this possible. Blockchain and steemit.inc are 2 different things... how secure are our funds..??
Yup, we should all look to find the answer to these questions because they are important.
very important, he wrote that it was impossible to get back because he made stupid mistakes.... so how the .... is this possible
Just a question: Do you have some friends who would vote for me as witness... I really need it..I am not getting up the rank much... spend money for a witness server and hope to break even in some time...
I do not bro, keep on hustling :)
no prob... thx for answering... hustling yeahhh. but not against every price... I dared to ask you.. why, because i think i could... will not bother you again
glad that he was able to recover his account :)
You have got a Random upvote of $0.06 from @trlotto. Free tickets are being distributed by @trlotto. Check out the details here. Get a chance to win SBD's
Why the account is suspended....