Tuesday, June 12, 2007

Has Google's Orkut Security Been Hacked?


Just when I was about to write a "How to get your forum back if it's hacked" post, my inbox and scrapbook started receiving attention over what seems to be the massive deletion of many forums on Orkut.

This has led many people to suspect that Orkut security has been compromised by a hacker, who seems to have stolen Google Admin powers and is deleting forums (and profiles) at random.

While there are users who have been able to steal forums away from members via hacking, I am having serious doubts as to whether or not Orkut as a whole has been compromised.

Many of the forums that are disappearing seem to be what some consider to be "hate sites." Although in America hate sites are pretty much ignored (and laughed at) by society, some nations seem to have laws against them existing, and go to great lengths to silence them.

Although it is possible that a hacker could have accessed Google's admin controls via internet cookies, a more reasonable explanation seems to be that Google may have given Indian police "too much authority," and it is quite possible that an officer is abusing their authority online.

(Boing Boing) The Indian Express and other regional media are reporting that Google's social networking service Orkut will cooperate with the Mumbai Police to share IP addresses of users who post "objectionable content" on Orkut. If reports are to be believed, the police need only email a complaint to Orkut, and Orkut will send back the personally identifying data, no questions asked.

The police are said to be targeting a number of "problematic" Orkut posts, including items that criticize various public figures in India, others that glorify Indian mobsters, and "anti-Indian words." The latter probably has to do with a group on Orkut called "I Hate India," which pissed off Indian officials so much, they decided to sue Google over it last October.


This seems very similar to Google's agreement with Brazil, and I suspect that Indian users are facing something similar. Of course, this doesn't mean that a hacker could not have stolen "admin powers" from a Googler (or even an Indian police officer, which would be just as bad IMHO), although I think I still need to see more evidence before assuming Google's security on Orkut has been compromised.

Note: If you do have any evidence, please alert Google about this immediately, or if you are uncomfortable with contacting Google (for whatever reason) you can send me a testimonial (which won't be published) and I'll pass on word to Google anonymously.

41 opinions:

Vijay said...

No - it is not the case.

Because "Stanford University" site may not be deleted by Orkut or a government agency. The act seems to be done by a hacker. Perhaps "a hacker with a cause"?

Vikas Pandey said...

Stanford University, California's community at orkut is alive and kicking with its 16,030 members intact.

anyone can go and check for him/herself at
http://www.orkut.com/Community.aspx?cmm=1
(you need to be a member of orkut to see that. sign up for free)

So, the hacker's boast of having deleted Stanford community is outright false and childish. The community was never deleted.

Now, some people are claiming that Stanford site was deleted but orkut restored it from the backups. Huh, do hackers have any proof that they actually deleted the community and that it was restored from backup by orkut? Unlikely.

Pygmy hackers are resorting to boast of false achievements to appear taller than they really are.

Vikas Pandey said...

A comment above has alluded to "a hacker with a cause" as if the commentator personally knows the cracker and knows of his cause and is supporting that cause.

Everyone knows that the only cause of every cracker is: destruction. mayhem. chaos.

Crackers are the cyber world equivalent of goons, hoodlums, rowdies, murderers, killers, looters.

Anyway, considering the comment, could anyone explain why the claimed cracker had deleted Stanford University's community when the claimed cracker had otherwise such high standards deleting only hate communities?

or, does the claimed cracker not know the difference between a petty hate community and a 16,000+ members strong, educational institute of international repute where the said cracker is unlikely to go ever?

Danny Piccirillo said...

Such strong words, Vikas Pandey. Security should be a resolved issue after the new orkut comes out.

Vijay said...

Vikas,

I never said that I was supporting the "hacker's cause". Stop arriving at decisions in a hurry.

The cracker may have deleted the Stanford University community in a fit - to prove something to Orkut - of course that was wrong even from the viewpoint of his cause.

D3.DEATH said...

The community was deleted

and has been restored

just like these

http://groups.google.com/group/orkut-help-communities/browse_thread/thread/cf857fee0627fed6

and about proving what account was hacked.

well i am ready to provide cookies to orkut officials to prove it

by the way the orkut profile[admin one] which was hacked had login address
dew.drenched.me@gmail.com

i suggest u contact her if u still have any objections

Anonymous said...

Stanford University community was deleted by one member of OUG as he hacked one of the orkut administrator's profile.

This is true that Mr. Vikas won't believe that because he didn't watch the community being deleted.

But truth is it was deleted and orkut officials restored it again.
It is possible for any community as Mr. d3.death said.

Many OUG members were online then and saw this event including me.

sorry Mr. Vikas you may not believe but you are not the one to decide what a hacker should do.
it's not up to you.

Anonymous said...

Anyone that was online and active in the community at the time can verify this. The person had come in with a fake profile (after changing our comm. description to prove that he did indeed have access to an admin account), and then asked us to help him find objectionable communities since he was not sure how long the cookie would last.

People online saw the communities posted there disappear one by one. Coincidence? I seriously doubt the odds against that one...


Right now, orkut would seem to be stuck between a rock and a hard place. They either have to admit to being compromised or deleting one of the most prestigious communities by accident. Neither particularly appealing....

However, people that were present KNOW the truth. That Orkut is NOT an indomitable fortress as they might want to pretend. They were compromised. All that is left is whether they are willing to admit it or not before we can suggest ways for them to fix it...


Death Eater has already offered you both cookies and email id of the person that was responsible. What more do you want?

Anonymous said...

You know, the thing is, we are now able to state the various powers an admin account has.........something that orkut has never published. The person would even be able to tell you exactly where all the delete buttons were. Something that he could never know if he did not actually get his hands on that account.

Mohsin said...

who says Stanford community wasn't deleted
when someone hacked Shaon RC and deleted more than 100 communities including stanford

vikas pandey said...

I have seen Mr Darnell Clayton's comment somewhere that read:
-- start
As far as the Stanford University goes, it was down earlier but it seems to be back up.

This is not the first time that I've seen this forum down (as well as others) so it could have either been hacked, or Google could have been experiencing technical problems loading the forum online.
-- end

So, the more likely reason, according to Mr Clayton himself, for the temporary unavailability of Stanford Community could be some regular temporary technical bottleneck (remember that bad, bad server, no donut for you), and not that it was deleted.

Hope you guys would respect Mr Clayton's gut feeling about it and stop showing Google security in bad light for some motives of your own.

And, if you don't respect Mr Clayton's statement, and continue to argue with him and continue to prove him wrong, why exactly are you here in his blog?

Thanks.

vikas pandey said...

In the above anonymous comment, someone hinted that "Stanford University community was deleted by one member of OUG as he hacked one of the orkut administrator's profile."

Would any office bearer of OUG group or any owner or moderator of Orkut's oug10 community please confirm and deny to the best of his knowledge and belief whether yesterday's claimed hacker was a member of OUG and/ or OUG10?

Prateek said...

i can say that the community was really deleted, won't say who and from where this person came, as it will endanger him again, but his profile has been deleted 3 times today by orkut. anyone has any answer for that??


and about the thing that Darnell said
about comm. being down, he may be saying about the bad bad server. but yesterday it was "page not found".

and vikas, communities that are deleted by orkut admins or users can be restored back, as many communities have already been restored to their owners. i can show you a screenshot of the moment when the Stanford community was deleted. do you want it?

vikas pandey said...

Prateek sir,

I was actually looking for a comment from an office-holder of oug or oug10. I couldn't find "Prateek" name in the list of owner/ moderators on oug10 home page and I couldn't access oug as the link is no more mentioned in oug10. You have not even given any profile or home page link of you.

So, please don't mind me asking, are you an office-holder in oug or oug10? Could you please care to prove that you are indeed an office-holder?

You "won't say who and from where this person came", might mean that you know who he actually is, but you won't reveal who he is. Right? or is that that you don't know who he is?

quoting your statement, "as it will endanger him again". Hmm, you don't want to endanger him. Why?

1. Don't you agree that what he did is an unethical, illegal and criminal activity?

2. He is said to have impersonated.

3. he is said to have breached the trust of some claimed Google admin by passing him/ her some script and made him/ her execute it whereby he is said to have got the password.

4. Using that password, he is said to have logged in to access Google's database and said to have deleted those 100s of communities.

Why would you protect such a person? Are you under some threat from him? Are you being blackmailed by this criminal? or are you protecting him in your free will? Why?

Don't you agree that what he did was a criminal offense, punishable by the law of the land (India. I guess you are an Indian citizen) which you and oug and oug10 live by and swear to uphold?

This person has become a cyber-terrorist. Claimed deletion of 100 communities within a few seconds? Would you protect someone who bombs 100 colonies in your city? would you protect someone who bombs 100 buildings in your colony?

So, why are you protecting this particular criminal who has caused equal amount of destruction?

Do your own family and well-wishers know that you know and are interacting with such a criminal? Do your dad and your mom know that you are protecting such a criminal? Do they approve of your action?

Continued...

vikas pandey said...

...Continued

You said "but his profile has deleted 3 times today by orkut."

Whose profiles have been deleted?

Hmm. So you know who this person is who had three profiles (why three?) which, you know, have been deleted by orkut.

And I was momentarily amused in all this mayhem when you wrote "anyone has any answer for that??"

Assume that there is a serial killer who kills 100 men, women and children. Then, this serial killer gets nabbed by the police and some policeman slaps this killer.

You are asking "What right does police have to slap a convict who killed 100 men, women and children? I would sue police department, I would sue the Home ministry of the state. I would lodge a complaint in Human Rights Commission. I will make everyone responsible for it, pay."

Isn't that what you are asking?

vikas pandey said...

This cyber-terrorist's three accounts were deleted by Google.

Are you implying that Google has come to know who this guy or gal is?

If his identity has already become known to Google, what point is your hiding of his info here. Reveal who he is?

you won't?

Hmm. Because there is no such hacker, because 100 communities were never deleted, because Stanford community was never deleted.

You guys are just trying to pass a prank so that you can later laugh your hearts out saying how effectively you guys fooled Mr Darnell Clayton into believing your cock and bull story.

vikas pandey said...

As far as your offer of sending the screenshot is concerned, thanks, but no thanks, please.

If you guys are really such skilled hackers as to break into Google's foolproof security and delete 100 communities within seconds, then you should surely be enough skilled to tamper a web page, tamper a doc or a rtf file, tamper a screenshot to change its original contents and seamlessly fit in your modified contents that we commoners wouldn't be able to recognize.

So, a piece of information presented by a hacker or his supporters has no credibility.

I am personally very much afraid of hackers. So, I would rather never click on a link sent by a hacker or his friend. What if clicking that link releases a virus which destroys all the data on my pc? What if clicking on that link runs some program that passes on my passwords, my credit card numbers, my bank account details to you?

You sure are capable of doing that. Right? Hence, no thanks to your links and your files.

Anique Akhtar said...

I liked your post Darnell..

But even when you know the whole details you didn't share it with others...

Vijay and Death Eater are right..
See the Post at my Blog :
http://orkutunderworld.blogspot.com/2007/06/orkut-turned-upside-down.html

Mr Nobody said...

@vikas

how do u know that orkut was not hacked ???... assuming orkut was hacked , do u think they will come out in the open to say that "we were hacked".... i dont think so

And as far as my knowledge goes ... being a mod of oug10 i do confirm that orkut security was hacked yesterday by one of the OUG members ... coz many of us were online at that time .. and we saw all the happenings


As i see from the title i think it doesn't matter who or why orkut was hacked .... there is a flaw in orkut security ... and they have to take steps to rectify it ... before something bad happens

vikas pandey said...

@Mr Nobody

You can check for yourself that "Mr Nobody" is NOT appearing among the moderators of oug10.
http://www.orkut.com/Community.aspx?cmm=31312201

Would you please somehow prove that you are a moderator of oug10.

I ask because you must be knowing that today's world is very cryptic. There are interpersonal equations between people and agencies. Someone might show some other person or agency in good or bad light for some reason.

Hence, it is possible that some enemy of oug10 could be trying to implicate oug10 or some enemy of yourself could be trying to implicate you in this activity which has legal consequences.

To safeguard oug10 and you from such a possibility, could you please take pains to prove that you are oug or oug10 office holder? Only then would there be some point in taking your comments at face value.

by any chance, are you this guy?
"Mr Nobody ......back"
http://www.orkut.com/Profile.aspx?uid=1948804646594430036

Thanks.

vikas pandey said...

@Mr Nobody,

> how do u know that orkut was not hacked ???...

Because, other than some oug10 members, there is no person or agency saying that it was hacked.

And reputed persons like Mr Darnell are not really eager to believe that orkut was hacked or communities were deleted. Mr Darnell says that the events of the day before could be due to a routine problem that doesn't involve hacking.

> assuming orkut was hacked, do u think they will come out in the open to say that "we were hacked".... i dont think so

Whatever.

But when there is no confirmation from Google/ Orkut officials or from Mr Darnell or any other person or agency of such an impeccable repute, how can anybody believe that orkut was hacked?

How can we believe the statements of some guys posted here? Because you can see that most of the statements posted here have great degree of contradiction among them.

And most of such statements here seem supportive of the claimed hacking and are protecting the identity of the hacker. Thus, you could be a friend of the claimed hacker. That makes your own credentials doubtful. Who would believe a criminal's friends?

And, most persons who have posted here trying to prove the hacking have not given any link back to their email id or orkut profile or whatever so that anyone can talk back to them, or quote them as a reference.

Suppose Mr Darnell believes these statements posted here and forwards the info to other agencies and platforms saying that orkut was hacked and communities were deleted, all he has is these statements posted here to back his report. And these statements are contradictory, and posters of these statements are unreachable. Then why would anybody who would read Mr Darnell's report believe him? And Mr Darnell's repute would get compromised.

If you are saying that orkut was hacked, the onus of proving that is on you, and even after 21 comments, not a single of your comments has got proven to a single word.

Prove it that orkut was hacked or please stop this story. It is getting repetitive and boring and seem to reach nowhere.

Thanks.

vikas pandey said...

OUG10 HAS GOT HACKED.
--------------------

Some BRAZILIAN hacker has hacked orkut's OUG10 community, the official playground of OUG10.

He has changed the community description, stripped all earlier oug10 moderators of their posts.

See for yourself:
http://www.orkut.com/Community.aspx?cmm=31312201

The profile of the new owner of oug10 is
¤●๋•Mr.Db ●๋•░▒▓█[-23 dias]¤
http://www.orkut.com/Profile.aspx?uid=2420816616486189181

So, these oug10 hackers who had been claiming to have hacked an orkut admin's password and use that to delete 100s of communities could not save their own community.

Speaks enough about their skill level.

Does anyone feel that such persons are capable of hacking orkut admin's password and of deleting 100s of communities?

Mr Nobody said...

lol ... verify your facts and then post

our owner(d3) was deleted by orkut today morning ... so as usual when the owner of the comm gets deleted any member of the comm who has been a member for more than 7 days can become owner(i dont think you know about this)

so this Brazilian unfortunately became the owner ... and removed all mods from the list

and me a mod was also removed ... plz dont jump into conclusions without verifying

and one more thing .... no one can hack us so easily

Devilsworkshop said...

@vikas - You are quite an Anti OUG Authority. Now kindly listen to my point:

IMHO, No one other than orkut Admin Shanon is responsible for this misuse. This means google is hiring incapable personnel for a high security job. The point is, it was not much of a brute force attack or a DOS attack on orkut. A careless staff member just ran a script which even kids on orkut play with and transferred the cookie to the respective account.

What i think is, the most punishable offense has been committed by the Orkut Admin for running such a lame script.

We can all see your hate against OUG members as in one of your hate communities against us, but that's a secondary issue. My point was, this guy would do anything that could harm us.

Darnell - Quick job Bro :) and yes, It was 100% hacked :)

Prateek said...

i am quite a capable person of OUG, as you have never been to the depths of OUG, don't talk much, i know the person who has deleted it, and he is my friend and google knows about him quite well. his profile has been deleted more than 35 times today. visit OUG a bit so you will get to know him.

well about deletion of communities. he deleted all the hate communities on orkut. try to search any hate-india or hate-pakistan comm. you will find many less communities. because many were deleted by him. i think killing 100 dangerous criminals is better than keeping them alive. you can check the description of OUG. do you think it was changed by D3?? no, it was changed by the person who deleted all the communities. see the tribute part.

vikas pandey said...

@Prateek wrote:

> you can check the description of OUG.

Ok Prateek. Let me check.

Hmm, OUG10's description reads:

-- start
Orkut Underground 10 [ OUG™ ]
description: I do not go to deletar community some! Grateful!


MADE IN BRAZIL !®

@ all oug members
http://www.orkut.com/CommMsgs.aspx?cmm=31312201&tid=2537535855442396953
================
NOTIC TO MODS
DONT DELETE ANY TOPIC
====================
Dont Worry This is Deadly supercharger just praising myself a little lollz

Quickly give me the links to all the comms before the cookie expires i will del all anti comms deadly here

-----------------------------
I will not remove above
as a tribute to deadly



OWNED !!!


Br Rlz !^^

-- end

@prateek wrote:
> do you think it was changed by D3?? no, it was changed by the person who deleted all the communities.

Hmm. So, you are saying that some part of the above "was written by the person who deleted all the communities."

Mind specifying which part in the above was written by that person?

Does it contain the name or identity of the person who had deleted all the communities?

> see the tribute part.

Tribute Part? OK. Hmm.

are you referring to "I will not remove above as a tribute to deadly"

but, what is meant by "tribute to deadly"?

What is deadly?

The term has appeared earlier also.

> "This is Deadly supercharger"

What is "deadly supercharger"? Mind clarifying please.

Awaiting your reply.

nobody_lol said...

whatever...

Devilsworkshop said...

Vikas Just Get a Life!

Just give OUG members some space...

Prateek said...

yes i am talking about deadly


deadly supercharger is a person. and i think that you know him so don't ask that question. It is not D3, who will change and put such a description, do you think he will???

anyway forget about it. you don't know or understand OUG even a little bit, you are new to it. just seeing one version of OUG has made you think about it in the wrong way. and don't ask me how the old versions were.

Bala Krishna said...

I am shocked to hear how the user information security is compromised by google authority. Unfortunately I also lost my profile from orkut and recreated a new one ..

theoriginalcoffeecompany said...

Hacking is a pain... for sure!!!

Chris

TheOriginalCoffeeCompanyOnline.com

Devendra said...

how can i send a scrap or message to all members of community in bulk in orkut

Anonymous said...

can anyone please confirm that is it the same vikas pandey who is involved in orkut cookies hacking by providing an infected script in userscripts site??

Anonymous said...

yes he is the same. he also hacked "indian army" community. thanks to orkut that it restored the ownership

harsh said...

someone hacked my gmail and orkut account and now is using it.....my mail id was...harsh2manu@gmail.com......but i cant open it now...can u tell me the way to get it back........reply me on this id: cool_harsh316@yahoo.co.in

Anonymous said...

@vikas
LMAO.... buddy u r getting hyper... all ur words against hackers are hollow. They don't mean nothing. This far cry of urs is not gonna bear any fruit. You think of urself as some messiah or something, huh? instigating a war against hackers? And you seem to be a die-hard supporter of google's security system. You know what, every byte in this computer world is fragile, everything can be broken. I don't wanna boast myself, but I'm the first person ever to create a scrapbook flooding script. Members of OUG (the first) know me very well. There after I left this hobby.

To be honest, this is not any heavy duty hacking shit. Comp-Illiterate people click on malicious scripts and things happen. This is quite possible to hack any account and delete any comm there after, using the methods mentioned over here by some of the present OUG members.

Anyways, there is no point in arguing over this, in fact I shouldn't have reinstated a thread which has been dead for last few months, but I couldn't resist.

Alvida.

Ghazanfar said...

my community is hacked plz help me i want my community back i love my orkut community rep n contact me i beg u contact me my email add is Ghazanfar3@gmail.com

Anonymous said...

Kindly check your inbox n help us to sort out our problem, regarding Pakistani community called Islamic Republic of Pakistan (IRP)

Anonymous said...

No wonder sensible people have left orkut for Facebook. Orkut sucks.


Welcome to Inside Orkut, the unofficial blog to Orkut.com, a social network by Google.
