Posted on 03/16/2025 6:09:41 AM PDT by Lazamataz
I've noticed, over the years, that very old Free Republic accounts, accounts that have been inactive for months or years, suddenly reactivate.... but their politics are suddenly suspect.
Be they Zeeper-oriented (that is, super-favorable to Ukraine) or, conversely, super-favorable to Russia, or even suddenly-liberal... these accounts reactivate with a flurry of posts that are contrary to conservatism.
Are these real Freepers who have had a change of heart about their politics? Are these real Freepers who feel the need to jump on the forum with propaganda and support for one side or the other per the Ukraine/Russia war?
Or are these hijacked accounts?
People will recall some time back, quite a few accounts of active Freepers were hijacked. It created a bit of a problem. When all was said and done, the accounts were returned to their rightful owners, and the site owner (and his moderator crew) pointed out that their passwords were very easy to guess. He instructed people to have stronger passwords.
I also have a friend on Facebook who no longer participates in the forum, but still reads it, who has seen a Freeper posting who he happens to know has been dead for more than a decade.
The problem is, we have far too insecure a login process, and enemies of the forum have been exploiting that.
At the login page, you can attempted unlimited login attempts. This will allow simple brute-force password cracking.
Also, the Forget Password option sends an email with your password in clear text. Emails can easily be sniffed with the right techniques. Passwords can easily be cracked that way.
My suggestions to mitigate these critical security concerns are:
These relatively-simple security changes will stop account-hijacking.
Two factor authentication can also be accomplished by sending to an email address, however, this is less secure. Still, better than nothing.
While that is undoubtedly true, I am most concerned about the fact I can easily brute-force a password crack. There is no limit to the number of attempts.
People change over time. And, you can’t always judge the ‘politics’ of what an account used to seem like against some of the more controversial topics of today. One of them is the Ukraine and who falls down on what side of it.
The one big thing that would stand out for me is a former 2016-2020 Trump supporter being overly critical or unsupportive of Trump today.
Laz is pointing out a vulnerability of the site.
If you were in a foxhole and someone spotted an enemy would you react that way?
Sure. But what still remains is unlimited login attempts. If I felt like retrieving a brute-force password cracker routine, I could get YOUR password. 😁
Of course I won't... but I could.
I love FR, but the whole platform is stuck in the 1990s. The tech is dated and it shows.
Absolutely could!
I like the no-nonsenseness; but yeah, there could be some more ways to stop hijacking.
A lot of FR veterans would not be willing to trust even this site with a phone number.
How dare you accuse Laz of fanciestism!
💯%
Americans must contend with three enemies...all within.
Democrat Party
RINOs
Judiciary
The judiciary is the left’s ace in the hole. Use of it failed when the attempts to jail DJT failed. Now they use it t thwart the will of the people.
At every turn there’s a judge appointed by one of our lousy presidents thereby becoming a landmine to stop the guy we elected to overhaul and drastically reduce the monstrous government.
No more Mr. Nice Guy! Confront those judges who willfully deny the people’s desire to drastically change the central socialist government.
Go on the offensive, Mr. President!
Some very simple programming could mitigate the security holes.
I submit that they were never Conservative in the first place.
Thanks, Laz!
Cool it! Laz is a good egg.
Of all the things I have been called, over the years, being called a fanciest was the most cutting of all.
I'm not sure I will recover from being called someone who embraces fanciestism.
I may need to enroll in therapy because of this.
Next you’ll be accusing him of consuming that fancy CATSUP!
Two factor can use landline phones.
I find it hard to believe anyone would not want a phone especially when older.
Cant read the cellphone,how read emails? I call BS on such claims.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.