Maximum PC

Hi. I have some questions regarding vulnerability to hacking of one's identity and one's computer files. I went on a forum (not computer related) where people take various positions on things and it can get some people unfortunately very very overwrought IMO. Anyway I found one day that I was logged in as someone else who posts on the site, without me doing anything at all. And I could not log out of that identity. When I restarted the computer I was still logged in as him. I couldn't log out out of that ID for over a day.

Then recently I found that someone had used my real name as a user name on the site, prior to the above having happened. I suspect it was whoever is the person who had the ID I was locked into for a day because he was very prominently talking back and forth with him (I presume sock puppeting).

I don't know much about this stuff but I would imagine it could be someone from the site who has access to my computer ID number via my internet provider. Or maybe it's just some poster who I crossed somewhere along the line?

I'm using a high speed modem internet service (Clear). I was formerly using Google Chrome as my browser and am now using Firefox and have Windows 7 OS.

Can somebody give me an idea as to whether this person may have been able to access my files and my passwords? How might this all have been done? Would it have to be someone from the site or no? Any ways to protect myself now from him and others in future. Thanks, any insights appreciated.

Tom

I'd say change all of the Passwords right now (if you haven't already) just to be safe

I don't think YOU'VE been hacked, but more your online identity taken over. It's very possible that you've been owned by an asshat admin of the site itself. If it's a controversy based forum, it wouldn't surprise me one bit. You could change your passwords, cloke your IP, and do all that protection stuff; but as soon as you go back to wrestle with pigs you give all that new data right back to 'em. And if it's an Admin, they can still phantom edit your posts and make your point a totally different one.

With you witnessing sock puppeting, I'd think this is exactly what happened. Just a hate mongering site ran by hate mongers themselves that get a kick out of creating drama? If it's a political site, that'd concrete it if it were me witnessing it. I just wouldn't go back. Doesn't sound very productive if it's not an actual open minded round table (i.e. "forum"), 'cause most that visit these will never change their minds no matter what angle you take with logic and facts (and possibly why your account there's been overtaken?)

You can try FireFox and "Private Browsing", but you then couldn't log in. Think it'd be out of line for us to see the forum you're talking about? Up to you, but now I'm curious.

Chumly, thanks for the reply. Your take sounds sensible to my mind but I'm still freaked out about how he came up with my real name though as I only gave them a yahoo email I rarely use which doesn't include my name; I gave them no other information on me personally when I signed up and I never talked about myself on the forum.

I've been told a lot of different things by people and I'm not sure what to believe. One thing I've been told is that unless he sent me an email and I unintentionally downloaded a program from it, he couldn't access my files as he'd need to get a program downloaded on my computer first to do that. You wouldn't happen to know about where I might learn more about this? Thanks. Tom

Well, your name is Tom and you're possibly from Illinois (profile name, not you telling us all at the end). You are also a member of TechGuy.org forums as well and you just visited them less than 5 minutes ago from this posting. If I had your IP, I could find your home within a couple blocks. Just a little more social engineering and I'd probably know a lot more about you than you'd want me too.

Gesup, Lydmila, or Hamilton remotely close? Just stabs in the dark, but with an IP it'd be easier.

Cumly, I went to that link you gave and the IP address that came up was for the internet service provider I use. So is that all the various sites know about me is my ISP's address or do they have a more specific number for me as an individual or do they have to get the ISP to tell them that? Also I'm curious to know the basis for three guesses you made as to my identity. I don't think they are neighbors of mine, at least they don't ring a bell.

You're right, that will probably give you an address that has to do with your ISP. There's no way that they can get your street address or what town you live in based on your IP. I went to that site and based on my IP here at work it showed me being just north and east of Hutchinson, KS. But I'm sitting in the Loop in downtown Chicago right now. Provider is ATT.

But, if Chumly says there's a way to get the town you're in based on your IP I can't ignore that cuz I've read many of Chumly's posts and I can tell you he really knows what he's talkin about...

I've seen that happen too, except how many people put their real names on their machines where you can pull it out of the registry?

This machine is Windows 7
Registered to John Doe
etc. etc.

When social sites become enemy target collection sites, they are not discussion boards any more, but honey pots. I hope to see the day when this stuff stops, and that means a lot of people will not be able to develop plug ins and other things for browsers and have them accepted as quickly as they are now.

Once everyone gets on the same page, these things don't occur, and you have to make people want, and be happy to be on that page, which is a positive direction and goal to subscribe to. With so many security holes out there, I would not even put my real name on a machine during the installation process, because of head aches like these.

Mach9,

Could you explain how this works? ... " I've seen that happen too, except how many people put their real names on their machines where you can pull it out of the registry?"

So when somebody hacks one's computer they only see the registry, or what? I thought they might have been able to go to your browser, click tools>options>security tab>saved passwords. No?

Where would I check in my registry to see if I have my name there?

fire up windows search (hold the Windows key down at the same time you press the "f" key - dont use quotes) and type in your last name. see what comes up. that searches local files.. some of them at least, depending on how search is set.

that doesnt search the registry but you can search that separate. run REGEDIT, click EDIT, FIND, type your last name. click FIND NEXT to keep going once a match is found ** make sure you do not change anything! changes are done LIVE and there is no undo command ** the registry is very easy to bork. look but do not change!

I can't explain how they do it technically, but if you have say remote desktop sharing either on, or the feature turned back on if someone can log in your system, once they pull up your desktop they can simply right click on the computer icon and pull up the technical splash page for your computer which says who the computer is registered to, how much ram they have and what kind of processor. It's all automated, all it takes is someone with the dough to buy the latest buzz hacking program and is not afraid of the FBI.

Their are of course log log files and registry entries that may duplicate this information, and unless someone takes you under their wing and teaches you some things, you pretty much have to figure things out on your own.

Google is working on something where you just load up a web browser on your machine (a combined OS/Browser), and that is really what a lot of people need, a closed browser session where hackers can't install programs and or install malware. Once people figure out how Google does that, their might even be some competing alternatives (yeah, I'd pay for that Microsoft).

You either have to stay away from such web sites, or be really good at defending your machine. I would like to see the day when people who use such protocols are blocked from doing so, but your best bet is to be as nice as you can to people you don't know, offer them your point of view, and then walk away from the discussion.

Getting ugly about things does not accomplish as much in the long run, and your time might be better off spent elsewhere. If someone is publishing your personal information without your consent, that is a crime, and it should be reported to the FBI.

CharBroiled, I did the regedit search and didn't find my name. Does this mean that if I was hacked, that they couldn't have found my name? When they hack you what exactly can they see and not see? Thanks for the reply.

Mach9,

"...if you have say remote desktop sharing either on, or the feature turned back on if someone can log in your system, once they pull up your desktop they can simply right click on the computer icon and pull up the technical splash page for your computer which says who the computer is registered to..."

>>>Do you happen to, know if there is there some way to turn it off so it can't be used? I suppose I could delete it/them. I found Windows Remote Assistance program on my computer. I have an HP Pavillion 6213w which I bought a couple months ago and I don't know if there are any other other remote viewing programs specific to it (which I couldn't find yet).

As far as the site I had the situation with, I wonder if I were to get a different ISP and re-register with a different user name would they (the site itself) not be able to know I was the guy they hacked (if they did)?

If you want to see where the registered user name is in the registry or for that matter change it then read this link. The process is painless.

As to logging onto a website, when you log on or even visit any website your browser and the site server exchange information. Things like your IP address which we know does not lead to your home address. A complete list of the data exchanged can be found here. Note, there is nothing all that personal in that mess of stuff. If I log on to this forum from home my IP reflects my general area of the SE Cleveland, Ohio suburbs. However, if I drive a few miles down the road and log on from my place of work I look to be in Virginia because our company servers are out of Virginia even though I am still in the Cleveland suburbs.

Even remote desktop sharing isn't all that easy unless someone knows your log on and password for your personal computer. However, it is wise to keep remote desktop sharing turned off (it should be by default).

If you are running a broadband internet connection and are paranoid about all this then buy a cheap wired router and shove it between your system and the cable or DSL modem. Then you have what amounts to a very good hardware firewall.

Ron