Based on a post from underpressure, let me offer a few words to those with questions (and the reference of "the big-guy" comes from underpresssure, not from myself.)

There is an excellent review of what happened this last weekend within this thread as posted by attorney28.
http://www.flyertalk.com/forum/Forum.../000933-3.html

When reading (it's just over half way down the page where attorney28 is responding to gleff's question), please note the correction by Punki and then you have it.

What I want to commnet on are the instances whereby a few members had their user accounts hi-jacked. This has happened before (just two or three times in the last five years). In each situation, we have believed that the hi-jack was caused by another member inappropriately having access to a users password or other cause. Sometimes this happens because of communal use of a computer at some event, sometimes it happens by use of a same password with other Web sites, sometimes it happens quite by accident. For instance, one member contacted us this morning about their account being hi-jacked. But an hour later they contacted us to say it wasn't at all a hi-jack caused by FlyerTalk - it was caused by a browser change on their end. I have the assurance of my tech team assigned to FlyerTalk, that it has not happened because of a security lapse on our end. There are just four people in the world that have access to FlyerTalk protocols and I'm one of them. The tech team has no interest at all in the FlyerTalk Community other than to make sure it works right for its members. We change passwords from time to time and in each incident of a hi-jack, scour our Weblogs and other data at our disposal and that of our hosting company. We have high security on our servers because of a relationship we have with American Express and mileagemanager.com. In fact, we use the very same data house that American Express uses for some of their services. We know the security standards are very high for this.

We also know that the standards of the members of FlyerTalk are very high and continue to run FlyerTalk with these standards in mind. We've never - and will never release the back end of FlyerTalk to any other party than ourselves. We've been approached many times for such, usually in the form of an email relationship. But we remain commited to the Community which we all call FlyerTalk and despite the financial lure, will never make that decision against the principles in which we founded FlyerTalk.

I think that the tech crowd that calls FlyerTalk home would actually urge you to rotate your user password just as you might your bank or other personal passwords. Identity theft is not a pleasant thing for any member - and my staff and I stand by to assist any of you in changing your passwords if you have any doubt to your own identity security on FlyerTalk.

There have been a few assertions by members how this may have happened - I have no knowledge that any of these assertions are true. And I would urge any member to not contribute to rumors though they may be fun to read. If you want something fun to read, we offer more than 2.5 million threads about miles, points and travel (OK, a few tens of thousands are about sex, politics, religion, damm lies and whatever Gaucho100K (smilie here) wants us to post in the OMNI foum).

A few members for good reason have urged me to close all threads related to this incident because they have become a bit of a 'Hall of Champions' of words among some members. It would be easy to do, but beyond that, there actually lies some very good dialog. I think I'll allow these threads to exist and try to channel the way in which some members have focused on each other rather than stifle the dialog. It's sometimes from these types of dialogs that members really make a name for themselves. For instance, prior to this, I was not all that familiar to the posting content and style of attorney28. But he seems quite knowledgeable and I'm paying attention.

I hope this helps any member seeking some background on this issue. Thanks underpressue, for asking my input.

Thank You "Big GUY".

Glad to hear that the security of Flyertalk has not been compromised. Your team has been very responsive when I have made them aware of problems... and I could not see them easily allowing the system to be qualified. They are too proud of this site.

Thanks again Randy for providing one of the best resources on the Internet.

William

Thanks Randy.

I hereby wish to express my sincere gratitude to the 'Owner of the Circus' (this is my personal way of referring to "the big-guy") for giving me all the credit for posting the really fun topics on FlyerTalk. I accept all this credit with all my heart...

Furthermore, I will take these comments as a support of my crusade against the evil PPP (eat your hearts out fellows... ) that still lurks around FT from time to time. Gee... since I will never make Moderator, maybe I can be appointed Official FT Bafoon or something...?

To close on a more serious note-- Randy, you know well that I hardly ever agree with you on most things, and that I am a vocal critic on many of your policies. Having said that, while Im the first to acknowledge that I am royal pain in the butt more often than not, I still think this is a site that has a lot to offer, and that you deserve some credit for its depth and success, and perhaps a little more gratitude from all of us (Im first on that list) for keeping it up. For whats its worth, you have some of mine (ie. gratitude). I promise to continue posting some of those fun topics, and will try to tone them down enough so that the PPP and the moderators dont catch them...

Greetings from Buenos Aires (where many not too small an airline could use a good consultant for their lame FFPs)...

------------------
Gaucho100K

[This message has been edited by Gaucho100K (edited Feb 03, 2004).]

Thank you Randy.
Hint: Among your several thousand e-mails are two of mine...when you have time, please reply!

Randy, thanks for the update.

IMHO, I suggest that you also set some rules for the ORP board that restrict the nature of the content on the threads that people post here. Many of us are tired of reading "TIMEOUT" topics, as most of them are actually personal attacks on other members. If someone has violated the TOS, they can email the moderators or you.

It may also be in your interest to appoint some trusted members of the moderator team to keep an eye on this board in your absence. Please give them the same timeout powers as the Omni board.

Randy,

Thank you so much for your statements. You have your hands full. I want to thank you for FT and all the fun we can have around here.

As your site continues to grow and I believe that it will. I recommend it to people ever time I travel. I think that you are going to have continuing problem like these. Wish I had some answers for you but I don't. So just hang in there "big-guy".

------------------
dallasflyer, Living in Denver and Dallas, oh boy!

Thank you Randy.

Would you (or Dan) also be so kind as to verify that my [b]Punki[b] and [b]fake handle[b] accounts were indeed compromised. There are now some posters who have accused me of having made this up to deflect suspicion from MoreMiles.

Thanks for the response BIG-Guy

I do appreciate it.....

Well, I have seen pictures, and I have to say...

He is not

THAT

big...

I feel comfrotable in saying that it does seem that Punki's accounts were hi-jacked. They have been remedied and are back in working order (and she was telling the truth about me allowing her a second account. I have in the past granted those exceptions when informed up front. Problem is most do it on the sly and I have no remorse for shuting those accounts down when proven). My staff, Punki and myself are clueless as to where the hi-jacking came from. We've tried to isolate the time and the tracks with no avail. MoreMiles is not alone in other Web sites whereby a member may have similar passwords. Some of you may on occasion visit frequentflier.com, ityt.com, 1kflyers which all require registration. I personally (and this is only my current thought) don't think it came from MM, rather an isolated incident because of information gathered over time.

I do know that beating up on Punki will likely draw my ire (she's a member like any other member and subject to the very same respect and protection as any of you).

Many thanks to Randy & his team - they do a fab job - even when things aren't always fun & pleasant. FT is a wonderful resource for all of us, and I'm thankful it exists.

------------------
Sharon

I can't imagine who has been disrespectful to or beat up on Punki, as I'm sure she's subject to the same straightforward, honest, and impersonal scrutiny and questions as any other member. However, as I said elsewhere, I haven't read all of the threads.

I'm satisifed, as all I wanted to know was whether or not that scenario had been considered, as achem's razor would suggest that it should at least be considered.

I'm saddened that Punki would interpret this as an "accusation" when it was a simple query.

Most importantly, I'm glad to hear the investigation has borne out that there's no possibility that she could have merely claimed that any strange posts weren't hers.

I'm much more eager to find that this is the work of a disgruntled (not accusing any goats! former member than a valued and active member of our community.

Next time I post a particularly nasty flame post, I'll follow it up claiming that my account was hacked.

I predict that the "I was drunk" defense is going to come out of the woodwork soon.

FewMiles..

How are you so sure, are you going to invoke it?

Just kidding...