CIMB kena hack?

Lowyat.NET forums

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members

Welcome Guest ( Log In | Register )

Lowyat.NET -> Kopitiam

Bump Topic Add Reply RSS Feed

Outline · [ Standard ] · Linear+

Chat CIMB kena hack?

views

aminpro	Dec 19 2018, 04:06 PM Return to original view \| Post #1
Getting Started Junior Member 191 posts Joined: Aug 2010 From: Town of Eureka	» Click to show Spoiler - click again to hide... « QUOTE(heinlein @ Dec 19 2018, 12:40 AM) It's easy to talk kok when they are not the victim. Even the police officer i report act like nothing happen. I dun trusted media anymore. They are controlled by corporation. QUOTE(TyroneS @ Dec 19 2018, 09:54 AM) They did mention did nothing wrong @ cimb clicks other all wrong did not mention too. QUOTE(sanosizo @ Dec 19 2018, 09:55 AM) if cimb not wrong then how come only cimb kena is there other bank kena same attack? QUOTE(okuribito @ Dec 19 2018, 12:10 PM) With the benefit of the nasilemakTech rebuttal, they say the truncation to 8 chars is not an issue at all because ALL old passwords are 8chars long anyway. IF that's true, yeah it's a non issue. But why need slice with substring(0, 8) ?? BUT I asked here and some people said that their old passwords were longer than 8 chars. In which case, logic says that CIMB must have the passwords stored As Is somewhere in their system So which is it? Were old passwords pre 18Nov exactly 8 chars OR minimum 8 chars (ie longer also got) ?? PS: those who kena unauthorised transactions should flood nasilemak tech with proof / police reports etc (where's the batu api smiley ) PPS: just saw the latest version of se7en's article ... everything I talked about is there QUOTE(okuribito @ Dec 19 2018, 12:10 PM) With the benefit of the nasilemakTech rebuttal, they say the truncation to 8 chars is not an issue at all because ALL old passwords are 8chars long anyway. IF that's true, yeah it's a non issue. But why need slice with substring(0, 8) ?? BUT I asked here and some people said that their old passwords were longer than 8 chars. In which case, logic says that CIMB must have the passwords stored As Is somewhere in their system So which is it? Were old passwords pre 18Nov exactly 8 chars OR minimum 8 chars (ie longer also got) ?? PS: those who kena unauthorised transactions should flood nasilemak tech with proof / police reports etc (where's the batu api smiley ) PPS: just saw the latest version of se7en's article ... everything I talked about is there NLT has amended the two articles in question and added a note in the first paragraph for clarity. https://nasilemaktech.com/cimb-did-nothing-...al-explanation/ https://nasilemaktech.com/debunking-mainstr...never-happened/
Card PM	Report Top Like Quote Reply

aminpro	Dec 21 2018, 06:08 AM Return to original view \| Post #2
Getting Started Junior Member 191 posts Joined: Aug 2010 From: Town of Eureka	QUOTE(okuribito @ Dec 21 2018, 01:38 AM) Adoi, we have the author himself here LOL I read your 2 articles So in both articles, you imply that old passwords cannot be longer than 8 chars? That means less than 8 chars also can? That's pretty extreme ler ... no minimum length ka? And confirm nobody ever could create passwords > than 8 chars in the past? In the first article you said "old passwords do not support or contain special characters" Then in your 2nd article you said "old password consists of letters, numbers and symbols(just not a requirement)" Got or not? TIA The current updated FAQ from CIMB suggests that special characters were allowed in the past, just not mandatory. The JS implementation also allows for special characters to be submitted if it was less than 8 characters. The first article was taking the assumptions of how the old system used to work. The second article reflects a more accurate situation due to the currently given evidence. So far we cannot find good evidence that special characters were not allowed during the 8 character era. Everything else points to it being allowed back then. Regarding the 8 characters thing you mentioned earlier, in the past, the characters were fixed to 8 characters maximum and minimum. There was never > 8 characters in the past because it does not exist due to the old password policy being fixed at 8 characters. The JS logic representing the old policy is the one that is saying "less than 8" as a criterion. All that said, the conclusion is that security was never compromised or hacked due to the new mechanisms for CIMB Clicks as some articles are suggesting in their clickbait headlines This post has been edited by aminpro: Dec 21 2018, 06:19 AM
Card PM	Report Top Like Quote Reply

« Next Oldest · Kopitiam · Next Newest »

Add Reply Options

Change to:

0.0182sec

0.78

7 queries

GZIP Disabled
Time is now: 15th December 2025 - 04:49 PM

All Rights Reserved © 2002- 2025 Vijandren Ramadass (~unite against racism~)

Removal Request

Powered by Invision Power Board © 2025 IPS, Inc.