- riot.one went down before the public release.

- Now I don't feel as bad about sitting here and double checking all my accounts and 2FA on EVERYTHING.

- Did the WB tell us that?

- Wait wait wait

- No, we saw it happen in real time.

- If everyone told one trusted friend that's a lot of people

- How?

- Someone tried to click and it was down, IIRC. Hold, checking scrollback.

- I'm so confused now

- This place was never intended to stay airtight for long. It's fine. Just assume that 50 people can't keep a secret, and some bad, smart people are going to be digging.

- I suspect that riot going down came from Niantic.

- How did we see it in real time though?

- Outside of this room, we told Krug.

- {{FWD: Pongolyn | Seattle, WA, 19.10.2017 11:31:58}}
At any given time there are multiple informants between Niantic, ENL, and RES. See previous conversation re: 50 people can't keep a secret.

- We didn't have access to riot

- We have all been high profile noisemakers on a number of recent topics. It is not hard to establish patterns. And we are going to be making some people very, very angry over the next few days.

- πŸ‘

- We could see the public page and WB told us slack was disrupted

- Ahhhh

- So, time out....

- The public page briefly displayed

- NIA takedown in process

- Does that mean their scraper is down?

- Can't tell

- Maybe, maybe not

- They can't get data our till they fix it.

- Could still be collecting

- They probably have a new one. Someone boasted about that in comm.

- The scraper doesn't run in slack

- It's just accessed that way

- Well, sure they can, they just stick the front end up at a different URL.

- Vedorian is getting hunted like crazy right now

- The web interface is also just an interface

- The public facing website, the slack, and the scraper are three different things

- The first of those went down before we went live

- I am thinking about doing !riot @user x 800 on all comms as a bantest

- Assume the scraper is still up

- Yes.

- Calling someone a cheater in comm is a TOS violation

- I’d have a stroke if anyone was banned from this already. Maybe only the guardian hit people.

- Whether that particular move qualifies, /shrug. But please help agents in your home communities keep that in mind

- From a RES

- [[Photo]]

- That's fair

- I think it was introspective

- But yeah

- awwww

- maybe that's what they meant to put up on the website they couldn't get into

- How crucial is it that we change our passwords to things? I mentioned that to my husband and he just kind of stared and me and went ".... why would you need to change passwords? You didn't log into anything..."

- its the angry res.

- Youve seen the emails above. I didnt post anything publicly yet, and changed my password.

- 5pm is about to hit on the West Coast.

- But the emails are because someone was trying to get into the website ... They weren't attacking any of us personally

- I switched to 2fa.

- Never know. I have 3fa.

- Did you try going to riot.one?

- it's also possible that whomever at Niantic Ops received the info yesterday after they reached out could have shared with an untrusted source. Sucks to think the leak could come from in here, but, I guess it is what it is,

- Same

- https://myaccount.google.com/security-checkup

- Google Authenticator is great to have especially on iOS. Ingress used to shit the bed in low signal situations and make you authenticate again

- Absolutely something I would suggest doing anyway, but something I would HIGHLY RECOMMEND to anyone making a public post about this. More so if you have a larger reputation and public face, easier target.

- Yes, it redirects

- But to change passwords to things outside of Google seems unnecessary

- I run 2FA on anything that offers it by default but I'm paranoid about my infosec.

- Here's the math

- There's a .1% chance of anything happening, 1 in 1000

- That 1 time, the cost to you is immense because they own your entire online life

- The cost of changing passwords is low.

- THIS

- Most of the time that cost is wasted, but the one time it's not, you just saved yourself a LOT of pain.

- 275,000 page views.

Jesus look what we did.

- You people are monsters.

- 23 minutes till 5pm on Pac Time

- True. Niantic has employees on both sides and it's not like we can swear Krug to secrecy

- They're trying again

- oh god

- I did kind of dare them

- lol

- Did you set the password to riotdotone?

- "seriouslyfuckyouguys"

- 4 memorable words right xkcd?

- Correct horse battery staple

- [[Document, size 62'320 bytes]]

- Uhhh

- "Yeah, I was added to this Slack channel but I didn't ever ask anyone about it or visit any of the links in the channel info."

- I do that ALL THE TIME.

- πŸ˜‚πŸ˜‚πŸ˜‚

- [[πŸ˜‚ Sticker, size 35'774 bytes]]

- Didn't inhale is not a defense.

- Even less often than I join a slack and don't look at the public channel list

- "yeah I was invited to that slack but never logged in"

- hes talking about being in #bot, and not knowing about RIOT

- a lot of people are angry abot not having access

- #bummer

- Turns out that your secret club has secret clubs. Who knew?

- #alwaysacabal

- Oh. Well then he's kinda doofy, that's why we separated out the lists.

- yup

- and theres people bragging in their channel saying that they had full access and didnt make it to the list

- Good job on that, people

Prev
Next