Archive for January, 2010


Untill Christmas, I have worked on the
website and I put it online just before
Christmas. The front page, the forums
and the photos have been improved.

As I have one free month before university

starts, I have been coding a bit the past days.
I have continued coding on the new BlaatBot
project. I suppose I have mentioned my plans
for this bot before. Completely modular. All
functionality loaded into libraries. As a result,
there is more overhead then in my older bots,
loading the libraries and parsing the data
between them, but in the end, it’s supposed
to be more flexible. So far, I think I have the
interfacing done, I hope, I won’t run into
missing stuff, but for now, I think I got
all protocol features I need supported.
So, now I am working on the first major
module, integration of the bot with the
website. So far, it can login and logout.
Well, more stuff will be added soon, but
I have done enough coding for today again.
Working on the bot integration, I will have
to add some more XML APIs to the website.
When the bot has enough features, I will
focus on the website again…. or… well..
maybe I should take a look at the libre.fm
client project first….
Anyways, that’ s it for now, thanks for
reading, cya next time.

So, as you read in my previous post,

some of my accounts were hacked
last week. I recovered my access to
Facebook and Gmail, due the option
to recover your password.
I could not do this on my Last.FM and
SourceForge.net account, because the
attacker also changed my email address,
to make recovery impossible.
Since the attacked accounts shared the
same password, I changed passwords on
other sites that share the same password.
Some sites, like ning.com, did send me a
confirmation about the changed password.
I think this is a good option, to send a
confirmation about changes. I am thinking
to add this feature to BlaatSchaap.be as well
next update.
I am just thinking. If the website is ‘hacked’
and someone gained access to the account,
but NOT to the email address, then this appears
to be good behaviour. But what happens if the
reverse happens. If someone hacked access
to the email address, uses the recovery option
to gain access to the website, and then changes
the password.
In that case, this offers no value. I suppose, I should
also store the IP address that requested the password
change, just to be sure.
Then, e-mail address changes. Some sites send a
confirmation mail to the old email addess if you
try to change your email address on the site. This
is good behaviour *if* the old email address is still
working. At one time, I had the problem, one of
my (webmail) email providers disappeared from the
internet (I used to have this andre@mailmij.nl email
address, untill BigFish, the company behind it, disapeared)
My point being. What if my reason to change email
address is the fact that I cannot access the old
one.

Last night, my gmail and facebook accounts

were hacked. It looks like the hacker only
changed my password. I was able to recover
the password.
Possibly other accounts are comprimised as
well, if I find out, I will add it to this blog too.
If you received an email from me last night
(between midnight and 11:00 AM, CET)
it was not sent my be, but by the hacker!
Edit: It appears only facebook and gmail were
compromised. Still looking for a suspect.
Edit2: Seems Last.FM was attacked as well,
I cannot recover this one since it seems the
attacker changed email-address as well.
Possible SourceForge.net too.

Het lijkt erop dat afgelopen nacht mijn

gmail en facebook accounts gehackt zijn.
Zo ver lijkt het er alleen op dat de hacker
mijn wachtwoord gewijzigd had, dat ik
met de herstel optie heb kunnen herstellen.
Of er ook andere sites gehackt zijn, weet ik
nog niet, maar als dat zo is, zet ik dat ook
hier op het blog.
Als ik op 5 januari tussen middernacht
en zo’n 11 uur ‘s ochtens je een email
heb gestuurd, dan is die niet van mij,
maar van de hacker, dus let even op!
André a.k.a. GromBeestje
Edit: Het lijkt erop dat alleen facebook
en gmail gehackt waren. Ik ben nog op
zoek naar een verdachte.
Edit2: Lijkt erop dat Last.FM ook gehackt
is. En hier is ook het email aders gewijzigd
zodat ik het niet kan herstellen.
Daarnaast kom ik ook niet meer in mijn
SourceForge.