Jump to content

Another Dreamworld FAIL !


Recommended Posts

Statement from Dreamworld Australia: "Good evening everyone, there is an offer floating around Facebook at the moment. Some of you may have claimed this offer. We can confirm that this offer is NOT legit. We are not running any type of Facebook offer at the moment. We are sorry for any inconvenience caused and are investigating the origin of this offer" Well sorry Dreamworld but YES, this was from your facebook account... Either someone at dreamworld dreamed this up (who has access to the Dreamworld facebook page) or they were hacked ..or both. Probally just another way to lure customers into paying the ridiculous amount of $80 for an adult day pass to Dreamworld !!!

Link to comment
Share on other sites

JackBenjaminBrissenden FAIL

Hi all, while it APPEARS this offer comes from our page, it does not. It is showing up on peoples news feeds and not on our timeline. It is very similar to the Target scam which happened a few weeks ago. Unfortunately, there is nothing we can do to stop the viral spread. We thank you all for your patience and understanding while we look into this further.

Link to comment
Share on other sites

Clearly you people know SFA about how facebook, the internet and security works!!! The offer was produced by someone that has access to the Dreamworld Australia facebook page. Heres proof: https://fbcdn-sphotos-a.akamaihd.net/hphotos-ak-ash4/291524_261678940608450_611795934_o.jpg Secure HTTPS facebook connection and "dreamworld" facebook username !!!

Link to comment
Share on other sites

Just because its HTTPS doesn't mean it can't be hacked. All they needed to do was run a program that runs through every possible combination of passwords until they got in. Obviously with a delay so that it doesn't lock the account.

That's called a bruteforce attack. Protip: They take years to accomplish. You know how this sort of thing happens, right? Password written down on a piece of paper, accidentally left logged in on a PC that can be accessed by the wrong person, the list goes on.
Link to comment
Share on other sites

If people are desperate enough they could do it.

No, they couldn't, you don't understand, if Dreamworld had the minimum amount of characters on their password, with no numbers, and the hacker somehow knew to not take numbers into account, it would take more than 50 years, if they had numbers, which is obvious, or if the hacker did not (and he won't) know that there are no numbers in the password, it would take 4 lifetimes to get it. Edited by BemaniAK
Link to comment
Share on other sites

It will be something simple that would have something to do with the park.

Businesses do not use business-related passwords for Facebook accounts, random word unrelated to the park>random numbers that may be related to a certain aspect of the park (height of a ride or something of that nature) is the standard. It does not matter how the characters are organized, the brute force attack is only based on the amount of characters and how many characters you can factor out of the search. There's one thing we, as IT professionals can't help, however, and that's random employees jogging their memories with post-it notes containing the password on their computer monitors for all the cleaners to see.
Link to comment
Share on other sites

We don't even know if there was a password breach.

Exactly right, this is all theoretical banter. The fact is is that Dreamworld's FB page had a false post on it and they quickly rectified it, since Facebook posts have not got legal advertising status nothing will come of this and everyone will go back to their daily lives.
Link to comment
Share on other sites

^I don't even get why people are so mad? They acknowledged the problem very quickly. It's not like they are a bank or something where there is real risk. The line in the OP about this being a ploy to get people to buy full priced tickets is plain bullshit, and is just a desperate attempt to be negative about the park (The title of the thread seems to reflect that)

It will be something simple that would have something to do with the park

Right, but if the hacker were to "run a program that runs through every possible combination of passwords" (Your exact words Crusieshipfan) then how does a mindless, methodical brute force program determine what what word is to do with the park, and what is just gibberish? The word "cyclone" would be tested by the program, but so would "cyclona" or "cyclonb" or "cylonc" or "cyclond" etc etc on equal footing. A 6 Character password using only letters (of either case) has 19 770 609 664 possible options and as BemaniAK said since you cant just do them rapid fire due to FB not letting you make that many attempts. 56 800 235 584 is what it reaches when you add numbers to the mix,
Link to comment
Share on other sites

A 6 Character password using only letters (of either case) has 19 770 609 664 possible options and as BemaniAK said since you cant just do them rapid fire due to FB not letting you make that many attempts. 56 800 235 584 is what it reaches when you add numbers to the mix,

Out of curiosity, how did you calculate this?
Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.