• The TUGBBS forums are completely free and open to the public and exist as the absolute best place for owners to get help and advice about their timeshares for more than 30 years!

    Join Tens of Thousands of other Owners just like you here to get any and all Timeshare questions answered 24 hours a day!
  • TUG started 30 years ago in October 1993 as a group of regular Timeshare owners just like you!

    Read about our 30th anniversary: Happy 30th Birthday TUG!
  • TUG has a YouTube Channel to produce weekly short informative videos on popular Timeshare topics!

    Free memberships for every 50 subscribers!

    Visit TUG on Youtube!
  • TUG has now saved timeshare owners more than $21,000,000 dollars just by finding us in time to rescind a new Timeshare purchase! A truly incredible milestone!

    Read more here: TUG saves owners more than $21 Million dollars
  • Sign up to get the TUG Newsletter for free!

    60,000+ subscribing owners! A weekly recap of the best Timeshare resort reviews and the most popular topics discussed by owners!
  • Our official "end my sales presentation early" T-shirts are available again! Also come with the option for a free membership extension with purchase to offset the cost!

    All T-shirt options here!
  • A few of the most common links here on the forums for newbies and guests!

Post attributed to wrong user account

kwilson

TUG Member
Joined
Jun 7, 2005
Messages
362
Reaction score
1
Points
228
Location
Eugene, Oregon
[This thread has been split from this thread in the Exchanging forum, and edited for continuity here. mg]

[This post] shows me as the poster. I didn't post this message. Something is wrong here. Will the actual poster please identify him/herself?

Kenny
 
Last edited by a moderator:

Walt

TUG Member
Joined
Jun 6, 2005
Messages
466
Reaction score
4
Points
378
Location
Brookfield, WI.
Maybe Tug is able to find out who posted in your name!

kwilson said:
The post #2 above shows me as the poster. I didn't post this message. Something is wrong here. Will the actual poster please identify him/herself?

Kenny

I wonder if TUG is able to find who did the posting? And how could this happen?

Walt :)
 

Dave M

TUG Lifetime Member
Joined
Jun 16, 2004
Messages
12,242
Reaction score
14
Points
623
Location
Sun City Hilton Head, SC
In my capacity as a BBS administrator....

I believe there are only two possibilities for how someone posted using another's user name. One is that a second person used the same PC as the user, wherein the user didn't log off from the BBS prior to the other person using the PC. The other is that a second person has access to the user's password.

Other than the same-PC scenario, no one can post using someone else's user name without knowing that person's password. The system is so secure that even Makai Guy and I, as BBS system administrators, cannot access another person's BBS password.

The only solution when there is such a compromise is for the affected user to change his/her BBS password. Click on "User CP" on the left side of the above blue bar and then click on "Edit Email & Password".
 
Last edited:

Makai Guy

Administrator
Joined
Jun 3, 2004
Messages
4,564
Reaction score
1,369
Points
649
Location
Aiken, SC, USA
Resorts Owned
Spicebush (Hilton Head Island)
The IP from which the post was entered is recorded for each post.

The recorded IP for the post in question traces back to a different host than was used by KWilson when registering, or used for any other of his posts, as far as I can tell.

Doing a lookup by IP number, I have found one other user associated with this IP number, and have contacted him to see if this post was from him, and if so, to find out if there was anything odd that happened when he posted.

Edit: I believe the IP in question is in San Diego, and the other user associated with this IP lives nowhere near there. My fear is that this one will also be a "phantom" post attributed to the wrong user.

Second Edit: The source has been identified. The post was actually from John Chase, timeos2 here on the bbs, posted while far away from home on vacation. The only other post we have from that IP was also from John and is correctly attributed to him.
 
Last edited:

Makai Guy

Administrator
Joined
Jun 3, 2004
Messages
4,564
Reaction score
1,369
Points
649
Location
Aiken, SC, USA
Resorts Owned
Spicebush (Hilton Head Island)
Mystery Solved!

I asked John to use that terminal again and see if it logged him into the bbs automatically. It did. As Kenny. John and Kenny must have been at the same resort in San Diego and used the same computer.

Kenny apparently had logged onto the public terminal in the resort's lobby, and used the "remember me" button when logging on, thus saving a login cookie for his account on the public computer. When John later used the same public computer and went to the TUG BBS, it just automatically logged him on as Kenny as a result of the saved cookie. We're all so used to logging in automatically from our home computers that John never noticed it had logged him into somebody else's account. I asked John to log off the bbs when done to be sure the cookie was removed.

Moral of the story:

When logging in from something other than your own computer do not use the "remember me" button. And be sure to log off the bbs when finished.
 
Last edited:

Keitht

TUG Lifetime Member
Joined
Jun 6, 2005
Messages
3,518
Reaction score
3
Points
36
Location
Gloucester, England
Were Kenny and John aware of each others presence at the resort? It's not relevant to the issue - I'm just intrigued.
 

JeffV

TUG Lifetime Member
Joined
Jun 6, 2005
Messages
825
Reaction score
0
Points
16
Location
Houston, TX
I have had this happen several times at resorts. When logging in it will give me a saved user name and password. You can't believe how many don't have a clue about what they are doing on a computer. The advice of NEVER use the remember me button on a public compter and ALWAYS log off can't be stressed enough. I have seen people not log off after using a credit card or accessing personal financial information.
Makai Guy said:
I asked John to use that terminal again and see if it logged him into the bbs automatically. It did. As Kenny. John and Kenny must be at the same resort in San Diego this week.

Kenny apparently had logged onto the public terminal in the resort's lobby, and used the "remember me" button when logging on, thus saving a login cookie for his account on the public computer. When John later used the same public computer and went to the TUG BBS, it just automatically logged him on as Kenny as a result of the saved cookie. We're all so used to logging in automatically from our home computers that John never noticed it had logged him into somebody else's account. I asked John to log off the bbs when done to be sure the cookie was removed.

Moral of the story:

When logging in from something other than your own computer do not use the "remember me" button. And be sure to log off the bbs when finished.
 

kwilson

TUG Member
Joined
Jun 7, 2005
Messages
362
Reaction score
1
Points
228
Location
Eugene, Oregon
Thanks to the administrators for running this down. I apologize if I caused the problem. However, I am well aware of the dangers of the "remember me" button. I use library computers on every trip we make. I would be surprised if I actually clicked that button, but everyone makes mistakes. I did use the computer at San Diego Country Estates in December so that must be what and where it happened. Again, thanks for your help in explaining this, and I promise I will be especially careful in the future.
 
Last edited:

timeos2

Tug Review Crew: Rookie
TUG Lifetime Member
Joined
Apr 11, 2005
Messages
11,183
Reaction score
5
Points
36
Location
Rochester, NY
Wow - That has been there since December? I guess no one else went to TUG or at least didn't log in and post.
 

AwayWeGo

TUG Review Crew: Expert
TUG Member
Joined
Jun 6, 2005
Messages
15,753
Reaction score
1,678
Points
699
Location
McLean (Fairfax County), Virginia, USA.
Resorts Owned
Grandview At Las Vegas

[triennial - points]
Clean-Slate Shut-Down Routine On Resort Computers

We were in Orlando FL at Vacation Village At Parkway in January 2006, on RCI Last Call. While goofing off & enjoying ourselves at the resort, I made use several times of the (free) 3-terminal Internet room upstairs in the check-in building.

The way it works is, each terminal has its log-in name & password taped onto the monitor frame right above the glass screen. As soon as you log in, an internal 15-minute clock starts running. At the end of 15 minutes, the computer logs you off & in the process (I believe) does a clean sweep of the cache or wherever it is that the computer stores things like web-based user names, passwords, cookies, & all that stuff.

If nobody is waiting, it's OK to log on for another 15-minute session & everything starts over fresh.

-- Alan Cole, McLean (Fairfax County), Virginia, USA.
 

kwilson

TUG Member
Joined
Jun 7, 2005
Messages
362
Reaction score
1
Points
228
Location
Eugene, Oregon
timeos2 said:
Wow - That has been there since December? I guess no one else went to TUG or at least didn't log in and post.


Yes, it was the second week in December. I am sure glad you're not a sinister person. You could have got me in a whole lot of trouble. ;)

Kenny
 
S

Sydney

This also happened to me.

When we stayed at the Houses at Summer Bay, I went to the library nearby and went to the TUG website. I was automatically logged on as a well-known (to me) TUGger. I cleared the cookies and logged myself in. Can't remember who it was but am wondering if you by any chance stayed at Summer Bay or nearby in Feb 05 Kenny???
On the same terminal, I went to check email and someone else's account was also still logged in. Go figure.
 

Walt

TUG Member
Joined
Jun 6, 2005
Messages
466
Reaction score
4
Points
378
Location
Brookfield, WI.
Is there anyway to get the word out?

Dave M

In this day and age more and more Tuggers are using the internet away from their home. Anyone that is on vacation for 3 or more weeks may even be paying their credit card bills on line from a public computer. While most people would not do so with someone standing behind them, they walk away form a public computer after conducting a Credit Card transaction without thinking about that they are leaving behind.

I do my personal transaction on my own laptop computer. This may not be totally safe but I think it is worth the money, time and effort to bring a laptop on a vaction.

To read this thread and see that months have past and yet, something like this has happen, is very eye opening.

I think every Tugger should read how this happen. Maybe this will wake some Tuggers up.

Perhaps a PM to all Tuggers to read this Thread.

Walt :)
 

Dave M

TUG Lifetime Member
Joined
Jun 16, 2004
Messages
12,242
Reaction score
14
Points
623
Location
Sun City Hilton Head, SC
Walt -

Although your suggestion is laudable, it's not something that we would deem appropriate.

If we decided to send all TUGgers a message regarding this consumer issue, there are probably 50 more consumer issues for which we should also send warnings. How would we decide which to send and which not to send?

From a practical standpoint, if such a post as discussed herein caused a problem, we could quickly delete it. Also note that with over 60,000 posts, including those that have been pruned, this is the first report of such a problem.

Thus, although TUGgers should be careful when using websites from a public computer, especially bank, credit card and other financial websites, the minimal TUG issue is probably not worth sending a mass message.

Lastly, not everyone appreciates such unsolicited messages!
 

Walt

TUG Member
Joined
Jun 6, 2005
Messages
466
Reaction score
4
Points
378
Location
Brookfield, WI.
How about a Sticky in the Tug Lounge?

Dave M said:
Walt -

Although your suggestion is laudable, it's not something that we would deem appropriate.

If we decided to send all TUGgers a message regarding this consumer issue, there are probably 50 more consumer issues for which we should also send warnings. How would we decide which to send and which not to send?

From a practical standpoint, if such a post as discussed herein caused a problem, we could quickly delete it. Also note that with over 60,000 posts, including those that have been pruned, this is the first report of such a problem.

Thus, although TUGgers should be careful when using websites from a public computer, especially bank, credit card and other financial websites, the minimal TUG issue is probably not worth sending a mass message.

Lastly, not everyone appreciates such unsolicited messages!

Dave M

I'm sorry but I think this is an important issue. Even you not did understand how this could happen.

2 months ago, at the Weston, the Credit Card problem happen to the person using the computer before me. They minimize the window instead of closing it and didn't log out. The person using the computer was Very Thankful I told them about it.

At least put it in the TUG Lounge as a Sticky. Use a heading like " Are Public Computers Safe?

Walt :)
 

Dave M

TUG Lifetime Member
Joined
Jun 16, 2004
Messages
12,242
Reaction score
14
Points
623
Location
Sun City Hilton Head, SC
I agree that credit card (and similar personal info) safety is an important issue. However, warning consumers about such issues doesn't fit within TUG's role.

I believe it would certainly be appropriate for someone to start a thread in the Lounge suggesting that TUGgers use care when using public PCs.

And, yes, I did understand how it could happen. What actually happened was one of the two scenarios that I offered in my first post in this thread - before we found out what happened.
 
Last edited:

timeos2

Tug Review Crew: Rookie
TUG Lifetime Member
Joined
Apr 11, 2005
Messages
11,183
Reaction score
5
Points
36
Location
Rochester, NY
kwilson said:
Yes, it was the second week in December. I am sure glad you're not a sinister person. You could have got me in a whole lot of trouble. ;)

Kenny
As it is I see a not so subtle hint that your user name was hijacked for unsavory reasons from one of the true conspiracy believers. I hope the other conspiracy theories have a stronger basis in fact, but I seriously doubt it. Glad I found it by accident and cleared the auto login thanks to Dougs follow up check. Sorry for the one errant post.
 

LLW

TUG Member
Joined
Jun 6, 2005
Messages
1,778
Reaction score
2
Points
36
This also happened to me. I was at a resort using the public computer, logging into another timeshare site. It asked for a log in and I logged in, with my own username and password. It accepted that, but quickly changed the username to another user's who also frequented that site. I quickly logged out and re-logged in with my own name. I later found out the other user was at the resort during the same period.

Since then, after I use a public computer, I have not only paid special attention to logging out, closing windows, and having the computer not remembering my name, I also try to delete all cookies and temporary files when I leave. Some computers would not let me do that, probably for security reasons, but some would.

My concern was not only with sites remembering cookies etc., but of subsequent users of that computer who somehow might be able to use those cookies and temporary files to get personal info from sites that I have used on that computer. I am not computer savvy and don't know if that is actually doable, but think I should take all the precaution that I can.
 

EileenSRN

TUG Member
Joined
Jul 7, 2005
Messages
397
Reaction score
0
Points
226
Location
Western NY
Although I do bring my laptop on vacation, I'm resisting paying for a wireless access provider. Consequently I occasionally use a hotel's computer. Part of my shut off process is to clear cookies, temp files and history from the browser before I close the browser. Afew times I couldn't get to them and asked the librarian if they would while I watched. I'm not really paranoid :eek:
 

T_R_Oglodyte

TUG Lifetime Member
Joined
Jun 6, 2005
Messages
16,275
Reaction score
8,250
Points
1,048
Location
Belly-View, WA
One alternative if you have a laptop is to bring along an AOL sign-up disk. Then install AOL. You get 45 days free. Then terminate the membership before 45 days.

ONe issue with that, though, is that even afrer unintalling AOL, AOL detritus is till itttered all over your operating system files.
 

Makai Guy

Administrator
Joined
Jun 3, 2004
Messages
4,564
Reaction score
1,369
Points
649
Location
Aiken, SC, USA
Resorts Owned
Spicebush (Hilton Head Island)
T_R_Oglodyte said:
ONe issue with that, though, is that even afrer unintalling AOL, AOL detritus is till itttered all over your operating system files.

Not a small issue, imho. And the internet is filled with people complaining that after they discontinued AOL, they can't get AOL to stop billing them for service.
 

EileenSRN

TUG Member
Joined
Jul 7, 2005
Messages
397
Reaction score
0
Points
226
Location
Western NY
I'll drink to that!!!

We did the AOL thing last year in Feb and cancelled the week after we got back. We were still getting calls and attempts at billing us in June. My husband finally asked his business attorny's office to send them an email. It worked.



Makai Guy said:
Not a small issue, imho. And the internet is filled with people complaining that after they discontinued AOL, they can't get AOL to stop billing them for service.
 

kwilson

TUG Member
Joined
Jun 7, 2005
Messages
362
Reaction score
1
Points
228
Location
Eugene, Oregon
timeos2 said:
As it is I see a not so subtle hint that your user name was hijacked for unsavory reasons from one of the true conspiracy believers.

John, I know I am the one who screwed up. And I owe and offer you thanks for explaining what happened for everyone. As far as I know no one took advantage of it for "unsavory" reasons. As for all the others, my face is red enough already, but if it serves to educate other Tuggers... Great! Please don't make more of this than is necessary.

Kenny
 
Last edited:

EdB

TUG Lifetime Member
Joined
Jun 6, 2005
Messages
48
Reaction score
0
Points
316
kwilson said:
John, I know I am the one who screwed up. And I owe and offer you thanks for explaining what happened for everyone. As far as I know no one took advantage of it for "unsavory" reasons. As for all the others, my face is red enough already, but if it serves to educate other Tuggers... Great! Please don't make more of this than is necessary.

Kenny

Kenny,

I am certain that John's reference was not to you, but to post #3 in this thread, which was the original thread from which the current one was split off.

The quote in that post refers to "the poster who is hiding behind the name of a bona fide Tugger..."

Gets confusing when threads are split like this.
 
Top