Inetbet acting funny

Moving onto the error. This came about when the player was sent some information from their account on request. This information mistakenly contained a hyperlink to a page in part of the c/s admin. When the player tried to click to open it they got an error page. This was entirely correct as they were not allowed access to this. That is all this supposed security breach pertains to. The player has had this explained on many occasions but still persists in reporting it and has now brought it up here.

Please be assured that there are no security issues at all. The admin page mentioned is not accessible by a simple username and password combination. As you would imagine it is more complex than that.

Is it not possible that the "problem" is really just as simple as iNetBet's explanation? If this was truly a huge security breach, I would think that considering iNetBet's more than sterling history of coming forward that they would go ahead and say so. And then fix it, and let us know that, too. Has anyone been able to see things they shouldn't, like anyone's private details? Or anyone's account history? Or the actual inside workings of the administration area?
I see no breach. Until I see that someone has actually been able to do some damage with that hyperlink, I'm going to go along with iNetBet's explanation.

And, in the spirit of full disclosure, let me say upfront that my place does offer the same iNetBet signup offer that everyone else and their mother offers, so by all means take my opinion with a grain of salt. Doesn't mean I'm wrong, though.
 
*lol*

Sorry, but i must posted this :D[/QUOTE]

Mike, i think you have read i blow and not i bow, or ?

Pina wrote i bow and not i blow

you're a little

[URL=http://imageshack.us][I]Expired Image [/I][/URL] (the pig on the trace)

sorry, but i must posted this :D
 
We are forgetting a few important issues here .. (yes security is a HUGE issue.. ) but first off.. Sodax never actually posted the emails that ticked management off.. am I correct? so we do not know what is in those emails.
It may not even have to do with this alleged security breach!
I and many of us here have dealt with Emily, Alan and Brian on many occassions without issue!
Denial of winnings, locked account?... Inetbet never does this unless there is a bigger issue.. They have always paid a player under the T&C's..
They were asked to come in and respond.. they did.
So sodax what exactly are you omitting from this thread?
Did you attempt to hack into Inetbet database? Did you threaten alan, emily or brian? just a valid question to a very angry post with alot of accusations.
I have written support many times... never got locked out.. so...
exactly what is in that email?
From the links we can see that Sodax withdrew many, many times.. yes it could be luck... (sure wish I had that much luck!)
but why not answer what everyone is asking...
what do the emails say exactly? don't cut and paste... just show us what you said..
IMO these are the most honest people you will meet and have treated me and many other players here and elsewhere more than fair.
 
???

Sodax...

Did you or did you not... access the administrative area?

And did you or did you not... access any personal information?

Simple questions that you up until now... have not answered.

Thank you.
 
...And screenshots... Resized, etc

1. When click my username in yahoo email
2. I got following page
3...and this is "red alert"-page, like i said

But unfortunately you can do much more...

AND I APOLOGY, if i am really ill now AND that i make/made some human mistakes.
I just try to help people, casinos, etc
 
...And screenshots... Resized, etc

1. When click my username in yahoo email
2. I got following page
3...and this is "red alert"-page, like i said

But unfortunately you can do much more...

AND I APOLOGY, if i am really ill now AND that i make/made some human mistakes.
I just try to help people, casinos, etc

I am sorry you "are really ill" I too have had more than my share of Medical Problems.. but I still didn't see the original email YOU sent to THEM UN-EDITTED!
there has been no breach of security from what I understand and from what I have heard.. but I do see you dodging alot of the same questions.. and all your screenshots are editted also, so we are not sure what other programs you might be running. (I myself have never seen anyone get to that point in any secure server without hacking it. IMO It is not an accusation, but with you dodging posting the emails TO Inetbet from You uneditted, the ones that made them lock you out WE at the forum can not tell exactly what happened or why Inetbet locked you out. I have always rooted for players as I myself have been burned... but Inetbet does have "a sterling reputation" ...
Just like others have stated here.
 
I am sorry you "are really ill" I too have had more than my share of Medical Problems.. but I still didn't see the original email YOU sent to THEM UN-EDITTED!
there has been no breach of security from what I understand and from what I have heard.. but I do see you dodging alot of the same questions.. and all your screenshots are editted also, so we are not sure what other programs you might be running. (I myself have never seen anyone get to that point in any secure server without hacking it. IMO It is not an accusation, but with you dodging posting the emails TO Inetbet from You uneditted, the ones that made them lock you out WE at the forum can not tell exactly what happened or why Inetbet locked you out. I have always rooted for players as I myself have been burned... but Inetbet does have "a sterling reputation" ...
Just like others have stated here.

[removed]
 
Last edited:
and all your screenshots are editted also, so we are not sure what other programs you might be running. (I myself have never seen anyone get to that point in any secure server without hacking it.

But that's the whole point. He should never have been sent the link that allowed him to get to that point. Maybe he did hack it once he was there, maybe he didn't....I don't know. But even if he couldn't, you can bet there are those out there who do have that capability. How many others have accidentally been sent this hyperlink? Are any of them experienced hackers?

Too many unanswered questions for my liking. I need more info. And sterling reputation or not (which I totally agree on BTW)...I don't think that ANY casino would be too eager to admit publicly to this kind of breach, or that one does exist. So far, all Inet has said is that the link was sent to him in error. Fine and dandy. I need someone to clarify what possible repercussions there could be from this error that they didn't even think warranted a response.

If I'm totally off base here, rest assured that I will make a public apology to Inetbet for doubting their word in any way. But I'm not totally satisfied yet. And honestly, I just don't know what to believe. Like I have said, I have zero technical knowledge, so I have asked a couple of other people who DO understand this stuff to offer me their opinion. Then I'll decide.

In regards to emails back and forth with Inetbet, it's a secondary issue to me. There were obviously many sent on Soda's part, and alot of misunderstanding and miscommunication....and frustration by both parties. If Inet wants to lock his account (for whatever reason), I guess they are within their rights to do so. Although a clearer explanation as to why the account was locked may ease some of the doubts I'm having as well. That is probably something that Bryan should look at, if Soda wants to make him aware of it, or push the issue.
 
...And screenshots... Resized, etc

But unfortunately you can do much more...

This is why someone who understands this stuff needs to look at this.

(link edited)
Actual link in my email!

And this. Is it relevant? I have no clue. Someone needs to look at this though. I really don't think it should be taken with a grain of salt, JUST IN CASE.

And another thought, maybe these links should be removed from these posts?
 
Last edited:
But that's the whole point. He should never have been sent the link that allowed him to get to that point. Maybe he did hack it once he was there, maybe he didn't....I don't know. But even if he couldn't, you can bet there are those out there who do have that capability. How many others have accidentally been sent this hyperlink? Are any of them experienced hackers?

Too many unanswered questions for my liking. I need more info. And sterling reputation or not (which I totally agree on BTW)...I don't think that ANY casino would be too eager to admit publicly to this kind of breach, or that one does exist. So far, all Inet has said is that the link was sent to him in error. Fine and dandy. I need someone to clarify what possible repercussions there could be from this error that they didn't even think warranted a response.

If I'm totally off base here, rest assured that I will make a public apology to Inetbet for doubting their word in any way. But I'm not totally satisfied yet. And honestly, I just don't know what to believe. Like I have said, I have zero technical knowledge, so I have asked a couple of other people who DO understand this stuff to offer me their opinion. Then I'll decide.

In regards to emails back and forth with Inetbet, it's a secondary issue to me. There were obviously many sent on Soda's part, and alot of misunderstanding and miscommunication....and frustration by both parties. If Inet wants to lock his account (for whatever reason), I guess they are within their rights to do so. Although a clearer explanation as to why the account was locked may ease some of the doubts I'm having as well. That is probably something that Bryan should look at, if Soda wants to make him aware of it, or push the issue.

I disapproved mysticjoz latest post
And i added following text:

"Please specify! If i will give a direct link, everyone can manipulate their database, and see version numbers! Yes they finally made a update. My screenshots vs current page. And if you have something against me, use PM or email. Thanks"

So if i will give all information, what inetbet gave (by mistake).
Well, damn it, i know that someone can destroy or/steal their database.
Where is over 240.000 players (datasheet/users)!
 
So if i will give all information, what inetbet gave (by mistake).
Well, damn it, i know that someone can destroy or/steal their databse.
Where is over 240.000 players (datasheet/users)!

You were actually able to get to the point where you could tell how many users/clients they have?

Okay, this is the last post for me until I get those opinions/assessments I've asked for. If what you say is true, at least they've made some adjustments. It only took 1,200 emails and how many months? :confused:
 
Just a post to correct my own stupidity...the 240,000 clients thing is information that is readily available on their website. My mistake, I misunderstood (again) the context of the post I quoted.
 
Mike, i think you have read i blow and not i bow, or ?

Pina wrote i bow and not i blow

you're a little

You do not have permission to view link Log in or register now.
(the pig on the trace)

sorry, but i must posted this :D

oops *lol*

sorry, i have really read this ;)

okay, but it was very late (1 o' clock in the morning) so i hope, that you can excuse it :)
 
oops *lol*

sorry, i have really read this ;)

okay, but it was very late (1 o' clock in the morning) so i hope, that you can excuse it :)

i don't must excuse this but Pina must do it and i'm sure she has read it.

Without reaction by her, it means she ignore this. ;)

in germany we would say: not luck had: aber Schwein gehabt ( but Pig had) :p
 
Not sure, do i say stop to this.
Hell yeah, i started this shit. So it is my fault.

And YES i was able to see my database, etc
And yes, they changed their admin version number - so there is some kind of upgrades.
See my screenshots, and that link - so you will see the difference!

Everyone made mistakes already.. , like me, some members, etc.
But we are human beings! :eek:

But this "great company" didn't admit anything (relevant) or didn't even reply to my email, PM, etc - even they are also human beings* (i believe :eek2:)

IF YOU WANT THAT PID (probably disabled function now, since new and newer version) i will give that to member who have enough reputation + who know something - referring security. (ask it)

Pina was kind and edited that quoted post and i removed original PID-link

Well, it is maybe Datasheet-link or whatever... but PID is much easier to write ;)
 
Mike said:
But we are not on topic, so let's go back to it

HaHaHa,

you write everytime we are not on topic

you write this because you can't hear more what you wrote by yourself, also if Pina know who written it. :D
 
Last post and I'm done. Inetbet has clarified a few things for me that I wasn't clear on, and I do have to say that their explanation sounds plausible, even to me who does not understand technical/security issues. I won't go into detail, as no one but me really seemed that concerned about it anyway. But they have put my mind at ease somewhat. No malicious intent on my part Inetbet, none at all....and I'm sorry if it came across that way. I just wanted more info than what I had. I wasn't satisfied with the original post they had made here, and I also understand why they don't want to post anything else.

Soda, if you want to take it any further, you'll have to get Bryan to look at your info/proof I guess, if you're willing, and he is also.

As to his account being closed, like I said..that was never my major concern. Again, something to be taken up with CM.
 
Just a side note: the reason why this wasn't responded to over the weekend was that many managerial staff - to include Casinomeister do not work on weekends. But I see iNetbet did jump in yesterday - which is appreciated.

I've removed the URLs from the screenshot just for safety's sake. But besides that, there is no way that someone without the proper access codes could have accessed their network. Sure, the URL may have been sent by mistake, but it is useless to anyone who is not on the system. I have been informed that Sodax's account was closed for other reasons - not for this.

I think we are chasing "red herrings" here. :D

Sprichwort?
 
HaHaHa,

you write everytime we are not on topic

you write this because you can't hear more what you wrote by yourself, also if Pina know who written it. :D

What have you not understand on my words "let's go back to topic"?

is it really so heavy to understand? :rolleyes:
 
Screenshots.

Those screenshots show that the hyperlink did indeed point to WITHIN the admin area, and not just to the login page. However, they also show that the security sensed that the link was from an unauthorised source and disabled access.
Was this the case initially though, did the original link contain the actual login that allowed access to admin datasheets, whether "view only" or not.
If it can be proven that this was initially the case, then InetBet have mislead the forum as to the true nature of this breach. Their view is that there was never a serious issue, as what is shown in those screenshots was always the case when an unauthorised person attempted to use the hyperlink.

If this was a hyperlink that was coded to bypass the login it would have a form similar to "https:\\<IP>\<hash>\<page>?user=???????, password=?????,<possibly other parameters>.

This actually looks very likely given the "session has expired" error message. This would be triggered since Sodax never had a valid admin session at the time, just the hyperlink. This would confuse the security system into thinking the session had "expired". The "not authorised to view" message would similarly be triggered by attempts to access a secure page without a valid session being detected.
This is deep enough into the system that a skilled hacker would have a pretty good chance of breaking through that last barrier.

We still have opposing views:-

InetBet - Sodax never got past the security at any time, and any "datasheet" was related to their own account, not information pertaining to other players or the admin system.

Sodax - A little confusing, can't seem to decide whether they really DID get right in, or whether the problem was the avalanche of warning and error messages triggered by the website, making Sodax fear that something very serious had happened, hence a security breach.
The first screenshot message is a warning issued by Windows that warns Sodax that it is HIS OWN SYSTEM that could be under threat of attack if he proceeds, not that the remote system is about to be breached.
The second is the InetBet system correctly blocking access and throwing the session back to the login page (third screenshot).

Either there never was a security problem, or it has been quietly fixed and hushed up so as not to unduly panic players of ANY RTG powered site.
Even so, that random 20 letter "hash" STILL gives access to that login page, surely it would have been prudent to change this also, even if it was not thought to be a serious threat now.
 
I have summarised the change of course this thread has taken & sent it to Bryan to mull over.
Others may or may not have done similarly, but this discussion has raised serious issues, and some inside information is needed to get to the bottom of this.
 

Users who are viewing this thread

Meister Ratings

Back
Top