Thread 136030

>pay for 4chan pass
>can't use it for eleven (11) days

I demand reimbursement. At $30 per year, that works out to approximately $0.90 of money STOLEN from each of us.

You may expect a letter from my lawyer.

>>136030 (OP)
Good man, biggest class action suit in internet history

I saw someone say they should extend everyone's pass for 11 days

We need extensions of every pass

>>136030 (OP)
Ima sugu! Give me my dollar back

>>136030 (OP)
They do 100% need to extend our passes to make up for this. I don't care if someone has the hash for the email I used, but if I don't get my pass extended then I will never pay for another year.

I should've bought some btc while it was at 70k for next year

I would appreciate an extension seeing as they even made the passes MORE expensive and then that money proceeded to not go into upgrading the site until the inevitable finally happened.

>>136030 (OP)
Exactly

Anyone else worried about their pass details being leaked by basedjak party?

>>136056
I'm honestly not expecting shit. They've had days to post anything and there isn't even a news post after the site came back up. I'm not expecting a email sucking my dick or asking for forgiveness or anything, but any sort of public post beyond
>twitter
Would be nice

>>136061
The hacker said that there wasn't any payment information. Only hashes for the emails, not even the email addresses themselves. So it really isn't worth being concerned over.

>>136063
>Only hashes for the emails, not even the email addresses themselves.
How does that work? They send out expiry emails long after a purchase. Are they pre-scheduled?

>>136063
I thought he said that there was that data, he just didn't intend on leaking it.

not to mention all my information was leaked

>>136070
He did say he didn't intend to leak it, but he only had hashes, not the actual emails themselves.

>>136073
Are you sure you're not confusing the pass emails to the (15-minute timer) verification emails?

>>136074
I guess I could be wrong but I'm pretty sure I saw that he said he only got hashes for the pass user emails, not the actual emails.

>>136074
>>136075
It would be nice if the mods clarified exactly what user information was compromised.

>>136075
I saw him post that he didn't have the emails but I imagine it was because he didn't grab them and not because they weren't there.

The verification system hashes emails AFAIK.

>>136077
That could be. I do think some clarity from mods would go a long way here.

>>136061
what pass details are there to even leak?
just a serial number?

>>136061
You mean my throwaway email address and equally meaningless bitcoin wallet that I only use to pay for passes? No, not really.

>>136081
Email address.

>>136082
The payments are done through Stripe, there's no way the hacker would have anyone's credit card info. People are asking about the emails linked to their passes. And it's probably not a huge deal anyway but it's still not a good look for the mods. The lack of communication about all of it was pretty terrible.

>>136084
Anybody who is dumb enough to use a day to day email, let alone a work or college one on 4chan deserves what they get.

>>136061
Even if it's leaked, what are they going to do with it? I'm an unemployed NEET

>>136086
Well fortunately this time the hacker wasn't interested in leaking anything related to the users anyway. It would be nice to believe they've taken steps to ensure it can't happen again.

>>136087
They have changed nothing except they now offer free passes as bounties for reporting security leaks

I think it is only fair if we get an extension considering that they fucked up this bad on security by not updating things for a decade. Thankfully the sharty troon that did the hack didn’t release pass users info

>>136061
It would be nice to hear from some 4chan authority on this desu, all we know is the hacker said that he didn't have access to that information. But that's his word, don't think we can trust him.

>>136043
This is the common sense solution to the problem.

>>136091
That's the big issue because he still has the information, he just hasn't published it. Though if you practice basic OpSec, it shouldn't be an issue.

>>136098
>That's the big issue because he still has the information
He has claimed to not have it, which would mean that he didn't grab it, he grabbed it and deleted it, or he still has it and is lying. And really only the last one of those options is provable.

>>136030 (OP)
When did they raise the price? I only noticed it after the site came back.

>>136103
I think it was like August of last year.

>>136103
February, iirc

>>136098
Fuck that, 11 weeks and then we're talking. People died (probably) because of this downtime!

>>136061
It's a good lesson to never use your personal address for this stuff. Hell, even if your deets did get leaked, they couldn't link you to any posts.

>>136108
If they got a full database dump, they could link it to any posts that were still alive at the moment.

>>136043
I remand 1 year extension.

>>136043
They most likely won't do anything, I didn't pay for this year (I have no idea how I got a bonus year) so guess I'm not losing money over it.

>>136043
actually didn't they do that once?

>>136030 (OP)
>If enough people have a 4chan pass, we could buy a 4chan pads

>>136109
>anon you've been posting touhou on every board, what do you have to say for yourself?

>>136043
Yeah this please. It's only fair after all. Maybe we can send in feedback about it if they don't address it.

>>136043
That would make sense, so it won't happen

>>136030 (OP)
I unironically have four active passes so they owe me $3.60.

>>136148
Literally why

>>136154
Ban evasion. Bans are tied to the Pass if you're using one, not the IP.

>>136105
yeah feb was the deadline for the most recent increase

>>136043
They'd better.

Has anyone here looked at the codebase and confirmed that they hash the emails? Imagine getting fired from work for your 4chin posts

>>136189
Only verification emails are hashed, pass emails are not. How would they resend you the pass details, expiration remainder etc. otherwise?

>>136190
it's ova for every pass user once 4chin inevitably gets hacked again i guess then

>>136191
last time I checked you could use virtually any domain for the pass email, even the shittiest temporary ones so if you use email that can linked to your identity it's on you

>>136191
I mean, the only thing that gets you is a list of email addresses. Might get picked up on a few spam mailing lists if you weren't already, but that's about it.

>>136030 (OP)
Meh I don't care

The other thing to consider is that they were in the process of migrating the data, but despite the number of passes sold over the years, they had only recently made the purchase of the new servers. Why didn't the move the critical stuff over first? We all would have accepted a couple of days of downtime vs. a week and a half.

>>136201
and obviously if you dont have a 12345 password lol

>>136148
>reddit frog

>>136030 (OP)
STOP WHINING!

I hope they use my 90¢ on hookers and blow

The sensible thing would be to allow pass users to actually change the email address associated with their pass. It's a pretty common thing to want to do with any user accounts. However, considering the state of the codebase, I imagine this is not something you should look forwards to.

>>136030 (OP)
come here to see if anyone brought up this issue
>>136043
is there a way to check?

>>136030 (OP)
>At $30 per year
stopped reading. imagine paying more than 45 dollaridoos / 3 year