When i thought Orkut is much safer now...Another Orkut Security Hack came forward..
Yesterday a person took his revenge from Orkut...I would not share any Information about this Hacker..
There is a vurnability in Orkut, it's not a technical vulnerability, rather a human one. Orkut has some employees called as Customer Experience Representative's and other content monitoring staff. That person acquired access to details using social engineering techniques like cookie stealing and phishing. For example today, a person got access to the account of the representative and deleted many communities, most of them hate communities. Along with it, the "Stanford University" community(The first community in orkut) was also deleted.
Although Orkut restored there community..
He said that he had deleted that community Because Orkut have deleted his previous Profile..He was taking revenge..He also deleted all the Hate India communities..
Just before he did all this he scraped Orkut Buyukkokten and said orkut to make him certified or he will hack Orkut server...In return Orkut deleted his profile as a result he Hacked one of the administrator of Orkut Shaon RC and through his account he deleted those communities...
so if somone gets a google employ id
he can delete any community or change discription of any community
In return for all these Orkut took revenge by deleting a lot of Profiles..Most of the people talking about this Stuff also got there account deleted by Orkut..Along with that Orkut also targeted communities and deleted lots of them.After that The person tried to hack all the Orkut certified peoples account...By sending them a cookie stealing script..In return Orkut took away the administration rights from a lot of Profiles...
Poor people !!
It might be possible that a lot of people have access to Orkut administrators account...Because it has been noticed many times that people on Orkut challenged that tomorrow these communities would be deleted and they actually did deleted them without getting any access to the Owner of the community..
Suggestions :
Orkut should add a special pin code thing
which is not password [password can be guessed]
which administrators have to enter before they can delete any community or profile.
and that pin code must not be used anywhere else.
Purpose Of this Post :
The main purpose of this post is that the real mistake is not of the person who Hacked Orkut..But is of the Orkut himself..
I would suggest Orkut not to take any more revenge from that Guy...Although he showed himself a little immature by openly Challenging Orkut (Orkut can have him jailed for that !).
many people till now who have talked much about this have had there account deleted I just hope Orkut doesn't do that with me...
as i have seen my self peoples profiles deleted...One person claimed that Orkut has deleted his Profile 5 times in just three minutes...
We should all go to Google's security page and inform google about these kind of leaks :
http://www.google.com/security.html
Update :
Here Is what one Orkut User who was an eye witness had to say about the event :
Anyone that was online and active in the community at the time can verify this. The person had come in with a fake profile (after changing our comm. description to prove that he did indeed have access to an admin account), and then asked us to help him find objectionable communities since he was not sure how long the cookie would last.
People online saw the communities posted there disappear one by one. Coincidence? I seriously doubt the odds against that one...
However, people that were present KNOW the truth. That Orkut is NOT an indomitable fortress as they might want to pretend.They were compromised. All that is left is whether they are willing to admit it or not before we can suggest ways for them to fix it...
This is what another person said :
The Hacker is not to be blamed...He did the right by deleting all those Hatred communities..He did what Orkut should have done before....
Well yeah Orkut should spare him and should delete all those hatred communities...
You can still find a lot of Hatred communities Here
Gullible people who are ready to believe any conspiracy theory and "Martians have attacked" may help themselves by visiting the following url:
http://www.insideorkut.com/2007/06/has-googles-orkut-security-been-hacked.html
This is the blog post of Mr Darnell Clayton who is the author of a book Inside Orkut.
On the above page, you would find about his appraisal of the incidence. He thinks that there are other obvious and more simple explanation available which do not require hacking at all.
Below the post you would find several comments on the same. Some comments are by persons claiming to know the hacker, and some who are claiming to be oug or oug10 office bearers.
Go through that and make up your mind for yourself. As such there is not a trace of proof that hacking had taken place or 100s of communities got deleted.
I can understand your state of mind but sorry to be such a spoilsport. I agree that this world becomes a rather dull place without conspiracy theories.
You can also visit
"Unethical Activities of OUG"
http://www.orkut.com/Community.aspx?cmm=34031685
(would need orkut membership. join for free)
Go through different posts that talk about that no hacking had taken place and no 100s of communities were deleted.
if you have any further question or doubt about it either way, you can even post those questions in the above community and discuss it further. You can also post your own appraisal of the claim there.
OUG10 HAS GOT HACKED.
--------------------
Some BRAZILIAN hacker has hacked orkut's OUG10 community, the official playground of OUG.
He has changed the community description, removed the earlier owner of oug10 and stripped all earlier oug10 moderators of their posts.
See for yourself:
http://www.orkut.com/Community.aspx?cmm=31312201
The profile of the new owner of oug10 is
¤●๋•Mr.Db ●๋•░▒▓█[-23 dias]¤
http://www.orkut.com/Profile.aspx?uid=2420816616486189181
So, these oug10 hackers who had been claiming to have hacked an orkut admin's password and use that to delete 100s of communities could not save their own community.
Speaks enough of their skill level.
Does anyone feel that such persons are capable of hacking orkut admin's password and of deleting 100s of communities?
oops!
sorry for duplicate post.
there was a temporary site maintenance downage at orkut at the time when I was posting it, so it seems I pressed publish key many times.
can anyone tell me how to delete my post? or maybe the owner of this blog deletes one of the duplicates. thanks.
@ Vikas Pandey...
I wrote what i saw...
I saw peoples account getting deleted...
Orkut was surely Hacked..
Darnel doesn't saw what happened there...So he is unaware of the fact that Orkut admin was hacked...
Orkut took there revenge...By deleting profiles...
So many people Lost there Profiles...
There are enough people saying that Orkut was Hacked...
Vijay the moderator of OUG wrote that he saw the event...
I got other trusted eyewitnesses,,,
and about that OUG getting hacked...
Death Eater the Owner of OUG...his profile was deleted by Orkut including Lot's of other OUG members..so as usual when the owner of the comm gets deleted any member of the comm who has been a member for more than 7 days can become owner...
So unfortunately a Brazilian became the owner of the community...and now you are trying to claim that the Brazilian actually Hacked the community...
I myself say Death Eater's profile getting deleted...
Well actually you have got no proof that Orkut was not Hacked...I saw it hundreds of other guys saw it...If you didn't saw it that doesn't means it didn't happened !!
and i have deleted your double post...
Comment Form under post in blogger/blogspot