BemaniAK

See what I mean? Nobody bruteforces. This is exactly what I was talking about, some simple mistake opened up a method to post under Dreamworld's name on their own page. Pardon me, I meant a business that needed security, not a restaurant with a POS manager network as their only pieces of computer equipment in the entire building. I did not discredit you because of your "status" Here's a nice long list: 1. Your age 2. Your lack of education Coupled with the reinforcements: 3. Your complete misunderstanding of bruteforce attacks 4. Your complete misunderstanding of Dictionary attacks 5. Your complete misunderstanding of server-side security and lockouts Yeah, you might be very well versed in Hospitality, Veterinary services, Nursing, Law studies, whatever, I don't care, it doesn't matter in this discussion, I assumed you were not well versed in Technology because of your education and you proved yourself that I was correct in assuming it.

I lived in Newcastle for 8 months in 2003. Until you name businesses that I can't verify don't use company related passwords you're still a lying kid. I'm going to blow your mind for a second here, when you spend 2 years studying IT, you learn things. When you spend 10 years in the IT field, you learn things, you find out that notions you had when you were younger were wrong. When you spend hours and hours looking for holes in business security, fixing holes in business security, recovering businesses from breaches, YOU LEARN THINGS. 1. You cannot manipulate server-side security without admin access 2. It takes decades to bruteforce a password 3. The most common form of account and security breaching is due to negligence outside of the PC environment These are hard facts and you're a fool to try and dispute them without any formal IT education or experience of your own, all you go on are your high school rumors and heresay. You keep showing me you dont.

Except the Cyclone was home to Dreamworld's best theming until they decided the power bill was too high.

No, there is not, the only way to bypass server-side security is to breach their entire network manually and modify their server's instructions over a VNC interface, which in itself requires admin access, which requires, guess what? A PASSWORD. You don't get it yet, do you? You are a student arguing against someone who's been in the industry for more than a decade, I know this stuff, you don't. Ok so you don't have any companies to name? Oh right, you know that you'd just be listing off a bunch of random businesses and there's every good chance that I've done work for them in the past. Go ahead, give me a list, I can not only debunk those that I have worked for in the past but I can very easily find out whether or not you're lying through your teeth

It is not, every single attempt must be attempted manually by the program on the actual website. This means sending a login request to the Facebook server with the attempted password, and waiting for a response, because of this, ONE attempt per second would be impressive, and every 5 attempts or whatever the limit is, Facebook locks you out for 10-15 minutes or so.

Plainly untrue, care to explain your calculation? Dictionary Attacks are worthless for the very reason you explained yourself. Name them, your High School will probably be the only one. EDIT: To clarify, there is NO software that can get around the timed lockouts on Facebook as they are all server-side.

I can't help but laugh.

That's right, it's her own fault. Like I said before, a judge's ruling decides whether she gets her payout or not, *I* get to decide what *I* think is ridiculous and her own fault. *You* don't get to tell me my opinion is wrong without being an ignorant fool.

That was you, mistaking my own opinions on the charge with what a judge will rule, which you still don't seem to understand.

I love that, the whole point of your post was to point out that Im only assuming, and you're right, it's no more than an educated guess, and I never said that it is not a disgruntled employee. And then you end it with an assumption on not only what kind of person did it, but why they did it. A joke, an attempt to get themselves in cheap, it doesn't matter why they did it, the fact is is that almost every single Facebook breach, and almost every password leak is due to lack of safety outside the computer in the desks that hundreds of people have access to. If you have spare time be enlightened: http://www.youtube.com/watch?v=4-qnYaw7VGo I see this sort of thing in offices all over Brisbane that I've worked in, it's not a rare thing.

It's part of my job to make sure my employer's network is adequately protected against this sort of thing, trust me, this mistake is from a curious individual looking at a post-it note with the password on it, it almost always is.

As I said, flat money pouch 5 years ago, showed to the assistant at the front of the line was fine, but I had to pretend to put it in a locker whilst hiding it under my jacket this time.

Harder to do on a secure business network than you might think. If I was keylogging DW's computers there are a lot more useful things I can get than a facebook password.

Out of curiosity, how did you calculate this?

Exactly right, this is all theoretical banter. The fact is is that Dreamworld's FB page had a false post on it and they quickly rectified it, since Facebook posts have not got legal advertising status nothing will come of this and everyone will go back to their daily lives.

Businesses do not use business-related passwords for Facebook accounts, random word unrelated to the park>random numbers that may be related to a certain aspect of the park (height of a ride or something of that nature) is the standard. It does not matter how the characters are organized, the brute force attack is only based on the amount of characters and how many characters you can factor out of the search. There's one thing we, as IT professionals can't help, however, and that's random employees jogging their memories with post-it notes containing the password on their computer monitors for all the cleaners to see.

In threads that you aren't in, yes. Try and understand for just a second that it's not me, it's you. When someone says something that is flat out wrong, I correct it, plain and simple, it doesn't matter who you are.

That's not what he said, he said that they need the land if they are to do something with the ride in the future, not that they closed the attraction because they need the land.

No, they couldn't, you don't understand, if Dreamworld had the minimum amount of characters on their password, with no numbers, and the hacker somehow knew to not take numbers into account, it would take more than 50 years, if they had numbers, which is obvious, or if the hacker did not (and he won't) know that there are no numbers in the password, it would take 4 lifetimes to get it.

That's got nothing to do with "letting a darkride building go to waste" the building will not just sit there rotting forever, when Seaworld's current refurbishment makes things normal they will set their sights on committing their budget toward a replacement attraction for that building.

That's called a bruteforce attack. Protip: They take years to accomplish. You know how this sort of thing happens, right? Password written down on a piece of paper, accidentally left logged in on a PC that can be accessed by the wrong person, the list goes on.

Whether or not they posted it themselves or not, ACCC laws do not classify Facebook postings as advertising and as such are not subject to false advertising and/or bait and switch laws. Facebook account passwords are compromised all the time, settle down.

That's exactly my question, why are the policies for what is and isn't allowed on constantly changed? Why can't we secure our belongings with zippers? Why must I conceal my safely secured belongings just to ride?

And? How does that relate to my point? Delays with utilizing empty space that once housed an attraction are worse than closing down an attraction with absolutely no indication of why it's down, if it's gone for good, when it will be coming back, if it's a refurb or maintenance job, or if they're revamping the entire thing?

To be frank that was my first visit in a year (Me and GF's Dreamworld & White Water World passes expired a couple weeks ago) so I have no idea how long it's been closed. Does anyone know if it was closed before that day? I saw it being tested in the morning but the rest of the day it just seemed to sit there completely devoid of any staff.