930 Forums
=> GENERAL DISCUSSION => Topic started by: grateful tagle zuppi pizzaboli on May 30, 2024, 02:04:37 pm
-
https://www.techradar.com/pro/security/ticketmaster-breached-data-of-over-500-million-users-allegedly-put-up-for-sale-online (https://www.techradar.com/pro/security/ticketmaster-breached-data-of-over-500-million-users-allegedly-put-up-for-sale-online)
-
Well if this doesn’t make people love Ticketmaster….
-
time to change your password...
-
I refuse on principle
-
I refuse on principle
If we change our passwords, the terrorists win.
-
I refuse on principle
If we change our passwords, the terrorists win.
if we don't change our passwords, the online scammers win
terrorists are indeed scarier than online scammers, but the scammers are a more likely threat so i'll go with the odds
-
We must all embrace our new identities as hackees
-
I trust that Ticketmaster will spin this into a positive and start assessing ‘Data Sharing’ fees on all tickets purchases
-
More fun and games
Ticket scalpers have reverse-engineered how Ticketmaster generates the revolving barcodes for its tickets. They are now able to generate authentic tickets on their own infrastructure, which removes resale restrictions and lets them sell
This solves a mystery lots of fans who bought on secondary market had, for why they were being asked to open their tickets on "secure-tickets.com" or "amosa.app" or some other non-Ticketmaster website.
Revolving barcode tickets work essentially like app-based 2FA. So the broker have figured out how to grab the token and how to use it on their own websites to generate a new ticket that no longer has resale restrictions and scans exactly like a genuine ticket.
Some of these services are being sued by Ticketmaster's biggest competitor, AXS, for making "counterfeit" tickets. AXS is going after them partially on copyright and trademark grounds bc these services use AXS logo. No one involved in the case will
https://x.com/jason_koebler/status/1810321470578704642?s=46&t=81bsTFbar0Jl_mHBl9WnuA
Scalpers Work With Hackers to Liberate Ticketmaster's ‘Non-Transferable’ Tickets
https://www.404media.co/scalpers-are-working-with-hackers-to-liberate-non-transferable-tickets-from-ticketmasters-ecosystem/
-
As long as they don’t figure out how to take a ticket and turn it into multiple scannable tickets….
-
As long as they don’t figure out how to take a ticket and turn it into multiple scannable tickets….
That's where I thought this was going. What's to stop them?
-
Well I suppose it’s TM’s job to stay ahead of them with the ticket scanners picking up on fact tickets are funky…making tickets transferable doesn’t really affect the bottom line it just makes it so scalpers can scalp but if you can game things to make multiple tickets that scan then the concert industry couldn’t go on I suppose…
-
More fun and games
Ticket scalpers have reverse-engineered how Ticketmaster generates the revolving barcodes for its tickets. They are now able to generate authentic tickets on their own infrastructure, which removes resale restrictions and lets them sell
This solves a mystery lots of fans who bought on secondary market had, for why they were being asked to open their tickets on "secure-tickets.com" or "amosa.app" or some other non-Ticketmaster website.
Revolving barcode tickets work essentially like app-based 2FA. So the broker have figured out how to grab the token and how to use it on their own websites to generate a new ticket that no longer has resale restrictions and scans exactly like a genuine ticket.
Some of these services are being sued by Ticketmaster's biggest competitor, AXS, for making "counterfeit" tickets. AXS is going after them partially on copyright and trademark grounds bc these services use AXS logo. No one involved in the case will
https://x.com/jason_koebler/status/1810321470578704642?s=46&t=81bsTFbar0Jl_mHBl9WnuA
Scalpers Work With Hackers to Liberate Ticketmaster's ‘Non-Transferable’ Tickets
https://www.404media.co/scalpers-are-working-with-hackers-to-liberate-non-transferable-tickets-from-ticketmasters-ecosystem/
This is great for consumers. Ticket scalpers are heroes.
-
As long as they don’t figure out how to take a ticket and turn it into multiple scannable tickets….
That's where I thought this was going. What's to stop them?
"inventory"
the hacker-scalpers aren't "creating" new tickets in the system, they are "referencing" existing tickets (hence the need to grab the ticket's token first).
gross generalization: a seat in a venue, for a given performance, is given an "inventory ID" of 12345. the rotating barcode system generates a new barcode every 30 seconds, but when that temp barcode is scanned it ultimately resolves to 12345. if you crack the barcode generation system, it means you can insert yourself in front of that 12345 ticket - but you can't create, say, ticket 54321 because 54321 doesn't exist in inventory. once a ticket is scanned, it's marked as "used" in inventory so you can't scan it a second (or third, or...) time.
-
This is great for consumers. Ticket scalpers are heroes.
edgy
-
This is great for consumers. Ticket scalpers are heroes.
edgy
Ive been pro-ticket scalpers on here for two decades.
-
This is great for consumers. Ticket scalpers are heroes.
edgy
Ive been pro-ticket scalpers on here for two decades.
also edgy
-
As long as they don’t figure out how to take a ticket and turn it into multiple scannable tickets….
That's where I thought this was going. What's to stop them?
"inventory"
the hacker-scalpers aren't "creating" new tickets in the system, they are "referencing" existing tickets (hence the need to grab the ticket's token first).
gross generalization: a seat in a venue, for a given performance, is given an "inventory ID" of 12345. the rotating barcode system generates a new barcode every 30 seconds, but when that temp barcode is scanned it ultimately resolves to 12345. if you crack the barcode generation system, it means you can insert yourself in front of that 12345 ticket - but you can't create, say, ticket 54321 because 54321 doesn't exist in inventory. once a ticket is scanned, it's marked as "used" in inventory so you can't scan it a second (or third, or...) time.
it's the same problem as printing several copies of a PDF ticket - you can make (and sell) as many copies as you like, but only the first scan will be valid.
-
Who decided that the Beyoncé presale and the Doobie Brothers presale would be at the same time?
-
Who decided that the Beyoncé presale and the Doobie Brothers presale would be at the same time?
This cracked me up so much. You don’t even know.