search

fuzzyfox / mozhunt

an online, cross-domain, treasure hunt
Other
1 stars 1 forks source link

mozhunt kill switch, incase of security breach #16

Closed fuzzyfox closed 12 years ago

fuzzyfox commented 12 years ago

Today (Jan 21st, 2012) our hosting provider was attacked and all ssh/(s)ftp passwords were compromised... Now our passwords have been changed and are safe now, however there is now a concern for us that it could happen again. No matter who we are hosted with. So, I propose a kill switch that we can use which turns off game play, notifies users of the breach, backs up our database to the machine that made the kill request, and then purges our live database of all sensitive information.

This should be easy enough to write, however I would love to know if you think it is a little drastic or if it does not go far enough.

/cc @JoeHazzers @Uruwolf

Uruwolf commented 12 years ago

I think totally wiping the database is not a good idea. Although someone could get the passwords they are the hashed passwords. And therefore useless. It would not be possible to provide the hash of a password+salt and have the system log you in. I have set up everything so far to use CI's forms and protection so I don't think we will have any problems as long as people remember to thow everything though the xss checker (which I think can be enabled globally in CI anyway).

As for blocking access, as you said yourself, that's an easy one. But again I think not really nessary/useful. If we coded in a kill switch the source is right here for anyone to see. All they would have to do is change/delete the database user or password from the config to stop the kill switch from working, unless you log in yourself and do it manually.

sigwinch28 commented 12 years ago

Replication to a remote server or backups would be a better alternative for this. Like uru said, it's not really a concern if the database gets accessed. For example, Valve's systems got breached recently and all information was stolen, but all credit card data and passwords were hashed. In the situation something does go wrong, just pull the plug and throw up a static page explaining what happened.

fuzzyfox commented 12 years ago

Kool beans. Im in venue right now so leave as many messages as you like. I will respond once I have a full keyboard to type on. Don't worry due to finances I am still sober.

sent from my mobile device On Feb 29, 2012 9:58 PM, "Joe Harrison" < reply@reply.github.com> wrote:

Replication to a remote server or backups would be a better alternative for this. Like uru said, it's not really a concern if the database gets accessed. For example, Valve's systems got breached recently and all information was stolen, but all credit card data and passwords were hashed. In the situation something does go wrong, just pull the plug and throw up a static page explaining what happened.

Reply to this email directly or view it on GitHub: https://github.com/fuzzyfox/mozhunt/issues/16#issuecomment-4247736

sigwinch28 commented 12 years ago

Database backups, replication and redundancy. Boop!