• SONAR
  • Cakewalk, Single Sign On and You (p.5)
2014/07/26 09:24:53
Beepster
lol...
 
I'd also like to offer my opinion on the twitter, G+, FB syncing. Please keep that crap WELL separated from the main account. Like none of those buttons and spying scripts and whatnot. I've had serious issues with worlds colliding when some of those sites started helpfully scouring my email contacts and online activities then sending friend/add on requests/suggestions and ads to separate groups and communities that I kept separate for a reason. Any time I see ANY of those stupid buttons I block them and Facebook has gotten so horrendous now I only log into it on a separate partition and with ALL other windows/tabs closed and a completely cleared history.
 
Seriously, my mom doesn't need to be getting friend suggestions from some of the crazy groupies and various lunatics I've met over the course of my bar gig days. Nor do you guys.
2014/07/26 09:30:43
paulo
Here's hoping that in the process, the hamster will finally get my account to recognise that Sonar 8 wasn't in fact the last version I registered.
 
FWIW I'm not sure I like the idea of my forum sign-in opening up my account details either.
2014/07/26 09:36:38
Splat
It's just as safe as usual Paulo. Maybe even more safe as I'm sure Cake would have locked down security even harder for this. Think of it the other way around, the store is opening up forum features. As you know this sort of thing is pretty common nowadays. Give yourself a good password though (recommended with all sites really). Cheers.

P.S. hopefully this will stop people registering multiple accounts. I'd like to see something like 'cakewalk customer' next to forum posts, one better would be the forums would display all the products people have bought (optionally). That would probably be a long way away though.
2014/07/26 10:01:07
Beepster
Hi, Alex.
 
The security risk isn't necessarily on Cakewalk's end. It's on the user end. Consider how much time you spend logged into the forum and how often compared to how much time you spend in your account. If you happen to get a virus, someone physically installs a keylogger or your computer gets stolen it would be far easier for them to get into your forum account for various reasons (because you logged in enough time for the hacker to obtain your password or you happened to be logged in when your computer was stolen or you have the password saved because it's easier, etc) which sucks but isn't that big of a deal. Because it is unlikely you are going to be logged into your STORE account or you only visit it every once in a while giving less chances for a virus or keylogger to gain the password before you notice it/your av definitions catch it (I can go for months without logging in) then the store account is going to be much more secure simply due to the numbers/chance game.
 
Once you use the same login/password for both you just raised the chances of your store account getting accessed to exactly the same chance as your login. Perhaps more so because now the ne'er-do-wells will know that if they can crack the forum account they can get at something useful.
 
Now take my complete separation method where I don't even use the same computer to access one or the other. That immediately becomes impossible. Not good.
 
Anyway, I really feel bad for pointing this stuff out because I'm sure the bakers have worked hard on this and were looking forward to rolling it all out but they did ask for opinions and this seems to be a pretty important aspect that so far seems to have been overlooked in this thread.
 
Most people won't care and the chances are low that anything bad will happen but I'm ultra cautious about this type of thing. In reality Cakewalk itself has the most to lose with these types of attacks because... well I have receipts and invoices to prove I am the legitimate owner of my stuff so I just have to show that whereas they end up at possible risk of pirates and whatnot figuring out fancy ways to manipulate the reg codes/sn's. There are also a plethora of ways to protect payment information on the user's end too so anyone who takes those precautions should not suffer identity theft if they did it right.
 
So yeah... just hoping these things have and/or will be taken into consideration. Also the Store site seems to be far more stable/secure than this cookie cutter forum which seems to get attacked with some frequency by spammers and phishing freaks. I'm sure the hackers are hammering away in the background as well. Such is life on the intertubes.
2014/07/26 11:40:20
bapu
mike_mccue
Hi Willy,
 Thanks for the heads up.
 
 I just went to my account page and did a "save as web page" to get a comprehensive record of my serial numbers, reg numbers and order history.
 
 


Cut-n-paste into an excel spreadsheet works too.
2014/07/26 12:58:46
Splat
@Beep yup all true, the advice you give covers all websites. No security is perfect and prevention/regular maintenance (inc windows update, java, acrobat, flash, antivirus etc) is definitely important. If I had a tenner every time I heard somebody say 'well it worked fine before' or 'I've never had an issue' just after being infected I'd be rich.

I maintain servers with lots of users on them myself. I'm patching against SQL injection attacks (for instance) regularly.

Prevention happens at both ends, the weakest link is the most insecure.

Security with Cakewalk will be no different than the store and probably better. As I say everybody does it now and have been for some time. I never allow websites to store my credit card details BTW except PayPal and amazon. People who log into websites themselves need to be responsible for their own security BTW, if they don't feel that way they will soon learn the hard way.

People always think forums are always inherently insecure, the reality is that the authentication will probably be taken away from the forums and done elsewhere via a provider which will make it MORE secure (better code and infrastructure). Cake I'm sure are well aware of security implications and will make it as tight as possible.

BTW the login transaction only happens once. Staying logged into a site for long periods really doesn't decrease your security unless somebody has remote control of your machine. Vast majority of hacks are not done that way as it's very inefficient.
2014/07/27 08:29:14
Willy Jones [Cakewalk]
SteveStrummerUK
 
Will this exciting news mean that, eventually, you'll manage to fix the broken Go To First Unread Post feature?
 
I always found this to be extremely useful, but it doesn't work anymore. Not in IE10 anyway



Sorry unfortunately there is nothing we can do about this one - but we have notified the ASP Playground people.
2014/07/27 09:02:34
Willy Jones [Cakewalk]
Beepster
 
Dear, Willie and or any Bakers monitoring this thread... Just so I understand this correctly this is an Opt In type scenario? Because this is most definitely NOT something I want happening with my account. 

 
I understand how you feel and that's perfectly valid. Unfortunately - it is not an opt-in scenario. We will be migrating all of our services to Cakewalk Accounts.
 
However - if you would prefer to keep two separate accounts for your store and forum you could by doing the following:
  1. Next week when you log back into the forum click on 'Migrate Forum Account' this will allow you to continue using your 'Beepster' account
  2. Create a second Cakewalk account that you'll use just for the store with a different email address than your forum account
 So - in a nutshell if you use unique email addresses you can have a Cakewalk Account that is just for the forum or just for the store.
 
RE: Data privacy and security. We don't store any credit card data and we don't plan on starting to. Worst case scenario if Cakewalk was hacked you might get some spam. In Massachusetts we have a stricter set of data privacy laws than most states (this was a result of TJ Maxx losing all that credit card data a few years back) that we adhere to stringently.
 
To be honest we're a bunch of paranoid weirdos also, we're not going to ask you for anything more than is necessary or anything we wouldn't ask of ourselves.
 
We realize this might be a one-time annoyance but on our end it also minimizes the surface area for a potential attacker; not every user follows good security practices and many folks use the same forum password as their store password. I don't want to get into specifics (I can offer them at a later date), but suffice it to say that this will be an upgrade to the Forum's security.
 
I hope that helps ease the confusion, and like I said above the only requirement for creating two Cakewalk Accounts is unique email and username so if you'd like to keep using two accounts you still can.
 
2014/07/27 10:02:58
azslow3
I do not care about security. In case someone wants to hack YOU (I mean some concrete person or organization) he will have success at some point. Using some paranoid live Linux CD (with paranoid AppArmor configuration) with a diskless computer will keep a potential hacker busy for some time, but still he/she will find a way (hack your router for example).
 
But what I always try to understand are the consequences. What does a hacker get in case a Cakewalk Store account is hacked? Registration codes!
 
With merging of accounts the probability of being hacked is increasing, many users are "hanging" on the forum more or less permanently. So the following question should be answered: what will happen in case, through a hacked account, my registration numbers become public? Will Cakewalk accuse me of publishing these numbers, and so make me responsible for illegal distribution of the products?
 
That is why I am not permanently logged into my banking, PayPal, etc. But with account merging, Cakewalk is kind of forcing me to stay logged in.
 
2014/07/27 11:32:46
bapu
Willy Jones [Cakewalk]
I hope that helps ease the confusion, and like I said above the only requirement for creating two Cakewalk Accounts is unique email and username so if you'd like to keep using two accounts you still can.

 
Willy,
 
This forum account of mine is email1, my store account is email2. What exactly is going to happen to either account's email address after I migrate?
 
For the moment, leave out the fact that I do have other "band" forum accounts and that misguided "The Bapu" forum account.
 
 
 
 
 
 
 
 
Oh, BTW, my passwords are password1 and password2. That's to make the hackers' job easier.