29

Can people just fucking stop using "hacked" as a synonym for "my password has been found out"? Even devs do this shit! Devs should know better about what a "hacked" account is.

Comments
  • 3
    Using leaked credentials (maybe even counter calculate the pw hash) to access an account is in the „hacking spectrum“ to me. Sure it‘s not a breach into discord‘s systems or XSS or whatever.
  • 3
    It is a synonym more often than not. What do you think hacked means? :)
  • 2
    A hacked account would require actual compromising of the service in question to gain access to the account. I don't count using leaked creds or dumped DBs as a hack.
  • 2
    "My account was hacked" is what regular people say when they do not know what really happened.
    And everybody know what that means.

    Get over it.
    Besides, using brute force is a kind of hacking, too.
  • 1
    If the db leak was from the same service that your account has been removed from you're access, then yes.

    If it's just recycled creds in a new service then, yes. As you left the account vulnerable to unauthorised access, just the level of "expertise" was finding a db dump and getting lucky with another site.
  • 1
    @kescherRant why so? Do hackathons mean you have to compromise something? Or does it maybe mean achieving your goal in a short time by using some witty, not necessarily a clean, technique?

    I don't usually agree with RHS, but he was right saying that hacking is not a negative term - on a contrary, it's a very desirablem very rewarding thing. Except media made us tag "hacking" with negativity..
  • 1
    Social engineering, as a part of hacking, is all about finding out other people's passwords without actually ever touching a line of code.
    In other words, if someone found out your password by the means of social engineering that person has been hacked.
  • 3
    Brute force attacks, social engineering, and covertly gaining local access, and many other non-technical exploits all fall under the "hacking" umbrella. Kinda seems like it is you who doesnt understand what hacking is.

    Most pen test teams will try everything else possible first, including just breaking into the office with a lockpick set and copying hard drives, before they attempt a technical code and protocol based hack.
  • 0
    Haxxorz'd
  • 0
    @smirving Sure, but in that case, it wasn't the account that has been hacked.
  • 3
    Getting your password stolen falls into the "hacked" realm imo. But we definitely shouldn't use that term for it. If we actually said "so and so's password was stolen" instead of "hacked", people would take password security much more seriously (or at least a little more seriously).
  • 1
    @kingcodra Exactly!

    Calling it a hack makes it so much easier for people to say "oh no, I could not possibly have prevented that or minimized damage."
  • 2
    It's also the definition the feds use to charge people for 'hacking.'

    Guessing passwords is hacking now.

    Think about that. This is the level of sophistication we're dealing with.
  • 1
    Having a cmd open in my school counts as "hacking" and has gotten me into trouble on multiple occasions.

    Fucking hell I'm just cd'ing around
Add Comment