Page 1 of 1

"Tapatalk security incident"

Posted: 14 Dec 2014, 10:51
by Hirazi Blue
Due to an apparently severe “security incident” at Tapatalk HQ, I’m shutting down our Tapatalk service until further notice. ATM it is unclear to me, if the security breach only affects me personally as a registered Tapatalk user or our whole little si-community. Sorry for the inconvenience.
:-?

UPDATE:
I've reinstated Tapatalk after the following, sorry for the scare...
if you have a login on support.tapatalk.com then you are affected. If you last logged in over 4 days ago, then it is unlikely your password has been disclosed as it was encrypted. If you logged in on (or since) the 10th of December then your password has been available in clear text to a person operating a server from Sweden

The logins to support.tapatalk.com and every other tapatalk system are NOT related unless you used the same email address and password.

Affected
- support.tapatalk.com

Unaffected
- www.tapatalk.com
- Admin control panels.
- Tapatalk plugins
- Tapatalk mobile apps

If you log in via the app using google+/facebook (etc), then I will have to ask the devs to provide an exact answer as to how the one time tokens are passed from the external authentication providers to forums and how they are stored and then authenticated back
(Quoted from here)

Re: "Tapatalk security incident"

Posted: 15 Dec 2014, 11:50
by NNois
Hi, on a side note this tapatalk re-bother me every time i check the forum (mobile) not a big deal... the operation you did the last time did work a short time thought...

I don't want to speak for everyone but did someone use tapatalk ??? seems so more easy to use a mobile enabled forum theme (for example the odforce forum)

Re: "Tapatalk security incident"

Posted: 15 Dec 2014, 11:57
by Hirazi Blue
Indeed. I fixed that once and after an update it got "unfixed" again, will have to look into that some time.

And not many people realize we do have a mobile style on offer called "Artodia...". It's limited and limiting (and rather ugly IMHO) but in some situations it might be helpful...

Re: "Tapatalk security incident"

Posted: 22 Jan 2015, 23:13
by NNois
i saw now on my desktop browser annoying notification about a chrome tapatalk plugin, maybe you can poll users actually using this, seems this plugin is capable of installing things under your back

Re: "Tapatalk security incident"

Posted: 23 Jan 2015, 20:50
by Hirazi Blue
I just tried to disable the Tapatalk notifification annoyance.
Please let me know if I was successful in this and if I didn't break Tapatalk itself in the process... :-ss

edit: more than 24 hours have passed since I wrote this post and as of yet nobody bothered to tell me if things (still) work... ~x(