Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Security of Web-based email question

Reply
Thread Tools

Security of Web-based email question

 
 
Steve H.
Guest
Posts: n/a
 
      06-30-2004
I was reading one of the hacker NG's today just for kicks, and people were
asking how to hack Hotmail accounts. Do web-based accounts get hacked very
often ? I have one, obviously. TIA.
Steve


 
Reply With Quote
 
 
 
 
Andrew
Guest
Posts: n/a
 
      06-30-2004
6/29/2004 8:37:54 PM

"Steve H." <(E-Mail Removed)> wrote in message

<CXnEc.2921$(E-Mail Removed)>



> I was reading one of the hacker NG's today just for kicks, and

people were

> asking how to hack Hotmail accounts. Do web-based accounts get

hacked very

> often ? I have one, obviously. TIA.


> Steve


Yes, rare, they do get hacked. I had my old hotmail hacked, but it
was a dumb password (my fault, probably just dictionaried it). There
were also a couple of holes found in hotmail in the past. Now my
password is on the long side, mixed with numbers and characters and
letters, it's ***************** <grin> and only makes sense to me.
Actually, all my passwords follow that rule nowadays.

Just to be explicit, e-mail of any kind is not private AT ALL. Unless
you encrypt it, it travels as plain text through every box it touches,
including the servers at your job. People e-mail things they would
NEVER put on a postcard. Still surprises me that people are resitant
to e-mail encryption.
--
Composed with Newz Crawler 1.7 http://www.newzcrawler.com/
 
Reply With Quote
 
 
 
 
Kleeb
Guest
Posts: n/a
 
      06-30-2004
On Wed, 30 Jun 2004 10:18:38 -0400, "Andrew" <(E-Mail Removed)>
schrieb:

<snip>

>Just to be explicit, e-mail of any kind is not private AT ALL. Unless
>you encrypt it, it travels as plain text through every box it touches,
> including the servers at your job. People e-mail things they would
>NEVER put on a postcard. Still surprises me that people are resitant
>to e-mail encryption.



I agree totally here. But have you ever, ever convinced anyone to use any
form of email encryption ? I have tried many times in the past, but all I
get is the 'finger-gone-through-the-toilet-paper' look, and then a blatant
subject change. :/

To be fair though, who is most likely to 'sniff' emails ? Is it something
bored IT staff can do at will ? I mean, they have the means to sure, but
wouldn't this fall foul of some law if they were found doing it, with no
good reason ?

I'm curious as my arguments for encryption (leaving aside those for
protecting your HD data; which BTW everyone seems to see the point in even
if they don't understand what I'm talking about) always seem to fall down
when I'm asked for actual examples of where their emails could and would be
read by someone other than the intended recipient.

If I do manage to cite some examples, the response from them is invariably :

"But I've got nothing to hide anyway". :/

I'll keep on using PGP and similar forms of encryption, but I feel those of
us not working in the computer industry that still use it, are in a very
distinct minority.

Regards,

Kleeb.


 
Reply With Quote
 
Andrew
Guest
Posts: n/a
 
      06-30-2004
6/30/2004 4:15:58 PM

Kleeb <(E-Mail Removed)> wrote in message

<(E-Mail Removed)>



> On Wed, 30 Jun 2004 10:18:38 -0400, "Andrew" <atangel@nospam.

hotmail.com>

> schrieb:


>


> <snip>


>


> >Just to be explicit, e-mail of any kind is not private AT ALL.

Unless

> >you encrypt it, it travels as plain text through every box it

touches,

> > including the servers at your job. People e-mail things they

would

> >NEVER put on a postcard. Still surprises me that people are

resitant

> >to e-mail encryption.


>


>


> I agree totally here. But have you ever, ever convinced anyone to

use any

> form of email encryption


Nope, well, only the ones already inclined and would have asked me
about it eventually

> To be fair though, who is most likely to 'sniff' emails ? Is it

something

> bored IT staff can do at will ? I mean, they have the means to sure,

but

> wouldn't this fall foul of some law if they were found doing it,

with no

> good reason ?




I don't think so. They may run afoul of workplace policy, but not the
law if these are work servers and they work for the employer. I
posted this elsewhere in the group about ISP mail earlier today, but
here is the link again.

<snip url=http://tinyurl.com/22uwd >



The First Circuit Court of Appeals dealt a grave blow to the privacy

of Internet communications with its decision today in the case of U.S.


v. Councilman. The court held that it was not a violation of

criminal wiretap laws for the provider of an email service to monitor


the content of users' incoming messages without their consent.



</snip>





> "But I've got nothing to hide anyway". :/




I've heard that too.... sooo many times!

Then why not put the same info on a postcard? Do postmen read all the
postcards they deliver? Nope. Too much mail to deal with... But they
read some. And so do IT staff, but those with an axe to grind, the
bored (as you mention), the curious, the office stalkers, and of
course, the "new" guys, to whom all this tech is still very new a fun
to play with...

--Andrew
--
Composed with Newz Crawler 1.7 http://www.newzcrawler.com/
 
Reply With Quote
 
Kleeb
Guest
Posts: n/a
 
      06-30-2004
On Wed, 30 Jun 2004 16:36:50 -0400, "Andrew" <(E-Mail Removed)>
schrieb:

>Then why not put the same info on a postcard? Do postmen read all the
>postcards they deliver? Nope. Too much mail to deal with... But they
>read some. And so do IT staff, but those with an axe to grind, the
>bored (as you mention), the curious, the office stalkers, and of
>course, the "new" guys, to whom all this tech is still very new a fun
>to play with...


Good points. I've gone on minature 'crusades' about privacy, metaphorically
speaking, particularly with regard to encrypting emails, but I've come full
circle again and decided it just isn't worth my effort.

If people really are concerned, they'll find out for themselves. They don't
need me whinging on at them.

I actually think it's quite healthy to be a bit paranoid. The trouble is,
you can always get *more* paranoid, but never *less* paranoid than what you
currently are. At least in my case.

Regards,

Kleeb.

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Accessing higher security level from higher security level nderose@gmail.com Cisco 0 07-11-2005 10:20 PM
Going from higher security level interface to lower security interface- HELP!!! - AM Cisco 4 12-28-2004 09:52 PM
Web-based email security question steve h. Computer Support 2 07-01-2004 08:47 PM
IT-Security, Security, e-security COMSOLIT Messmer Computer Support 0 09-05-2003 08:34 AM
MCSA: Security MCSE: Security question Rick Sears MCSE 0 07-29-2003 08:02 PM



Advertisments