- Popular Post
JamieM
-
Posts
322 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Posts posted by JamieM
-
-
1 minute ago, Phuketshrew said:
Exactly.
wrong again
- 1
-
2 minutes ago, Phuketshrew said:
The latter involves deliberately manipulating parameters, such as an ID field that are then submitted through http_methods to the server. This should not be allowed to happen but with lax security sometimes can.
It seems that this method made it possible for other users data to be retrieved and displayed.
Show us your source evidence of website parameter manipulation occurring then?
Mr Barrow clearly stated "All you have to do is change certain characters in the URL"
-
Just now, tgw said:
well, hacking being illegal, because it is "the gaining of unauthorized access to data in a system or computer", the direct conclusion of you calling Mr Barrow's actions "hacking" is that he should be punished by law.
luckily for Mr. Barrow, no hacking occured.
Well said!
- 1
-
1 minute ago, Phuketshrew said:
Remedial action to fix the web site - wasn't that obvious?
Well with the outright false assumptions / allegations you have made about Mr Barrow.
No, no it wasn't obvious.
- 1
-
4 minutes ago, Phuketshrew said:
Nope. Nowhere did I state that "he should be punished".
You have been repeatedly making false accusations against the man, you even said he's pushing his luck and suggested the government could take "remedial action" which implies he's done something wrong.
If I were Mr Barrow I would be filing a defamation suit against you.
- 2
-
- Popular Post
- Popular Post
Finally some people that get it have arrived, thank the lord ????
- 2
- 1
-
- Popular Post
- Popular Post
42 minutes ago, Phuketshrew said:Mr Barrow. He knowingly tampered with the website URL to gain access that was unauthorised.
What you stated was not true.
1 minute ago, Phuketshrew said:So just because Mr Barrow states that it is not a hack then that's OK then?
It's not a hack because it was not restricted because they didn't secure the data in the first place.
Is that so hard for you to understand?
- 3
- 1
-
- Popular Post
- Popular Post
20 minutes ago, Phuketshrew said:Mr Barrow stated that he tampered with the website URL to gain unauthorised access to data
No he didn't he said and I quote:
"The Immigration data breach is NOT a hack. All you have to do is change certain characters in the URL"
Show me where he states he did that? you cannot add or take away anything from what he stated.
Which is exactly what you are doing.
Which can also be described as ASSUMING.
20 minutes ago, Phuketshrew said:I I pointed out that this can be legally defined as hacking.
The legal definition of hacking is "Hacking is the unauthorised use of or access into computers or networks by using security vulnerabilities or bypassing usual security steps to gain access".
Ok I'm glad you were able to google the definition of hacking but the key points that you fail to grasp are as follows:
1. the data it was NOT RESTRICTED ( because they failed to secure it)
2. Hacking is "KNOWINGLY" gaining access to data.
- 2
- 1
-
4 minutes ago, Phuketshrew said:
Don't get your point. "Whoever" was Mr Barrow. He knowingly tampered with the website URL to gain access that was unauthorised. So I am assuming nothing.
You are assuming a lot and your post demonstrates that perfectly.
- 1
-
- Popular Post
- Popular Post
12 minutes ago, Phuketshrew said:My original point was that if he did this then it would be legally defined as hacking i.e. gaining unauthorised access to a system or data.
Yeh but it's not though:
1. The data was not restricted.
2. You are assuming whoever found the data breach, knowingly accessed the data.
- 3
- 1
-
- Popular Post
- Popular Post
6 minutes ago, Phuketshrew said:My understanding is that he directly tampered with web URL parameters as he stated "all you have to do is change certain characters in the URL". I assumed that he changed the userID to show retrieve and show details of other users. Maybe you have more experience than me. I would be interested to know how do you think he did it?
Well if that were the case and it were simply a case of changing a digit at the end of a url, imagine how many people do that everyday by accident while navigating the web? by your way of thinking they would all be hacking and breaking the law and there would be no more space in jails worldwide.
Mr Burrow is no fool and is fully aware that they want rid of him, do you really think he would post before checking the legality of the data breach before posting?
In my opinion he did the right thing drawing attention to the situation before others posted information for anyone to see.
- 10
- 2
-
- Popular Post
- Popular Post
1 minute ago, Phuketshrew said:and where do you think the data was retrieved from? thin air?
If it is visible on the clearnet it is not hacking.
- 7
- 3
-
- Popular Post
- Popular Post
2 minutes ago, Phuketshrew said:Gaining unauthorised access to any system and its data is, by definition, HACKING.
Nonsense, he did not gain unauthorised access to any system it was there for all to see.
You obviously have no idea what you are talking about.
- 15
- 1
- 1
- 2
-
4 minutes ago, internationalism said:
and imagine, that all diplomatic corps, the UN officials all had to register through this website and that all their sensitive info is leaked and at mercy of local and international mafias.
A certain communist party not that far away would have been taking notes that's for sure.
- 1
-
1 minute ago, simon43 said:
"Some bugs on the websites may not safe for other, So please report us immediately and don't share it to public that would help."
they may as well post this emoji -->????
- 1
-
3 minutes ago, champers said:
That is the same as what I but you have edited out the relevant part of my post. Naughty, naughty!! ????????
That is because I am not speculating about what the use of the data would or could be.
I am just pointing out that comparing immigration having those details to them being leaked openly is completely different.
-
1 minute ago, champers said:
The Government already has your passport and visa details along with phone number and address.
Yes but they are not exposed on the clearnet for anyone to gather.
-
1 minute ago, worrab said:
without anyone actually having the true facts of this incident!
Well peoples personal details including passport numbers addresses and names were available for anyone to see.
That is a fact what am I missing? "pray tell"
-
1 minute ago, worrab said:
And pray tell me why there would be a knock on the door? All that everyone has done is register for a vaccination and there is certainly nothing sinister in that.
Try thinking a bit further down the line in view of the way things are going.
-
1 minute ago, Excel said:
Exactly. If I were them who registered I would be a bit worried about the knock on the door after dark. Extreme, you never know, I hope not the case but there are many parallels to how this corrupt administration is working like others in the past, and not so recent past also. Some of their own people have "disappeared" already, so nothing should be ruled out.
It's going south fast that's for sure I was reading an interesting article about which way things are going in Thailand which would be removed in about 0.1 seconds if I posted it here so I will dm it to you.
-
2 hours ago, Excel said:
Well to play the devils advocate, now that the data breach has been recognised how do we know it was not a deliberate attempt by this administration, or individuals working for it, that by promoting the registration process for expats, as many expats would wish for a vaccination, it was only a deliberate guise or trap for them to disclose their personal information, that has now enabled to be accessed by whom ?
This kind of thing is honey for winnie the pooh and his minions, I bet they were taking notes.
A map of westerners living in Thailand with passport numbers etc is a goldmine for them. -
6 hours ago, Strongheart said:
The present Junta couldn't care less about what the average Thai person thinks. This is a plan to sell out Thailand to the Chinese.
Someone who gets it, people here assume this is for our benefit but it's clear what they are doing here.
They make the requirements undesirable to potential western expats while selling Thailand to the Chinese under the guise of luring tourists.
- 1
-
Just now, Damrongsak said:
OK, the article said it was renovated about 10 years ago. And we know how things are built and maintained in these parts. Might have needed a new straw roof and new foundation.
No it was in brand new condition it was just some bs they came up with as an excuse so they can get rid of it.
- 2
-
- Popular Post
20 minutes ago, Damrongsak said:"... In September, Cambodia demolished the Tactical Headquarters of the National Committee for Maritime Security at Ream Naval Base, which was renovated and built by the U.S., equipped by Australia, and inaugurated in 2012. The U.S. raised questions about China’s role in renovating the base. ..."
Demolished a 10 year old building(s)? Probably thought it was bugged.
The Cambodian government actually said it was old, as a reason for demolishing it, it was completed in 2017.
Gives you an idea about how honest they are being about the whole China thing...
- 2
- 1
Not again! Another website used by foreigners in Thailand suffers massive data breach
in Thailand News
Posted
The poster has made it clear he is not talking about a legal hack.
Context is important this is his original post below: