Security of Web-based email question

Discussion in 'Computer Security' started by Steve H., Jun 30, 2004.

  1. Steve H.

    Steve H. Guest

    I was reading one of the hacker NG's today just for kicks, and people were
    asking how to hack Hotmail accounts. Do web-based accounts get hacked very
    often ? I have one, obviously. TIA.
    Steve
    Steve H., Jun 30, 2004
    #1
    1. Advertising

  2. Steve H.

    Andrew Guest

    6/29/2004 8:37:54 PM

    "Steve H." <> wrote in message

    <CXnEc.2921$>



    > I was reading one of the hacker NG's today just for kicks, and

    people were

    > asking how to hack Hotmail accounts. Do web-based accounts get

    hacked very

    > often ? I have one, obviously. TIA.


    > Steve


    Yes, rare, they do get hacked. I had my old hotmail hacked, but it
    was a dumb password (my fault, probably just dictionaried it). There
    were also a couple of holes found in hotmail in the past. Now my
    password is on the long side, mixed with numbers and characters and
    letters, it's ***************** <grin> and only makes sense to me.
    Actually, all my passwords follow that rule nowadays.

    Just to be explicit, e-mail of any kind is not private AT ALL. Unless
    you encrypt it, it travels as plain text through every box it touches,
    including the servers at your job. People e-mail things they would
    NEVER put on a postcard. Still surprises me that people are resitant
    to e-mail encryption.
    --
    Composed with Newz Crawler 1.7 http://www.newzcrawler.com/
    Andrew, Jun 30, 2004
    #2
    1. Advertising

  3. Steve H.

    Kleeb Guest

    On Wed, 30 Jun 2004 10:18:38 -0400, "Andrew" <>
    schrieb:

    <snip>

    >Just to be explicit, e-mail of any kind is not private AT ALL. Unless
    >you encrypt it, it travels as plain text through every box it touches,
    > including the servers at your job. People e-mail things they would
    >NEVER put on a postcard. Still surprises me that people are resitant
    >to e-mail encryption.



    I agree totally here. But have you ever, ever convinced anyone to use any
    form of email encryption ? I have tried many times in the past, but all I
    get is the 'finger-gone-through-the-toilet-paper' look, and then a blatant
    subject change. :/

    To be fair though, who is most likely to 'sniff' emails ? Is it something
    bored IT staff can do at will ? I mean, they have the means to sure, but
    wouldn't this fall foul of some law if they were found doing it, with no
    good reason ?

    I'm curious as my arguments for encryption (leaving aside those for
    protecting your HD data; which BTW everyone seems to see the point in even
    if they don't understand what I'm talking about) always seem to fall down
    when I'm asked for actual examples of where their emails could and would be
    read by someone other than the intended recipient.

    If I do manage to cite some examples, the response from them is invariably :

    "But I've got nothing to hide anyway". :/

    I'll keep on using PGP and similar forms of encryption, but I feel those of
    us not working in the computer industry that still use it, are in a very
    distinct minority.

    Regards,

    Kleeb.
    Kleeb, Jun 30, 2004
    #3
  4. Steve H.

    Andrew Guest

    Re: Re: Security of Web-based email question

    6/30/2004 4:15:58 PM

    Kleeb <> wrote in message

    <>



    > On Wed, 30 Jun 2004 10:18:38 -0400, "Andrew" <atangel@nospam.

    hotmail.com>

    > schrieb:


    >


    > <snip>


    >


    > >Just to be explicit, e-mail of any kind is not private AT ALL.

    Unless

    > >you encrypt it, it travels as plain text through every box it

    touches,

    > > including the servers at your job. People e-mail things they

    would

    > >NEVER put on a postcard. Still surprises me that people are

    resitant

    > >to e-mail encryption.


    >


    >


    > I agree totally here. But have you ever, ever convinced anyone to

    use any

    > form of email encryption


    Nope, well, only the ones already inclined and would have asked me
    about it eventually ;)

    > To be fair though, who is most likely to 'sniff' emails ? Is it

    something

    > bored IT staff can do at will ? I mean, they have the means to sure,

    but

    > wouldn't this fall foul of some law if they were found doing it,

    with no

    > good reason ?




    I don't think so. They may run afoul of workplace policy, but not the
    law if these are work servers and they work for the employer. I
    posted this elsewhere in the group about ISP mail earlier today, but
    here is the link again.

    <snip url=http://tinyurl.com/22uwd >



    The First Circuit Court of Appeals dealt a grave blow to the privacy

    of Internet communications with its decision today in the case of U.S.


    v. Councilman. The court held that it was not a violation of

    criminal wiretap laws for the provider of an email service to monitor


    the content of users' incoming messages without their consent.



    </snip>





    > "But I've got nothing to hide anyway". :/




    I've heard that too.... sooo many times!

    Then why not put the same info on a postcard? Do postmen read all the
    postcards they deliver? Nope. Too much mail to deal with... But they
    read some. And so do IT staff, but those with an axe to grind, the
    bored (as you mention), the curious, the office stalkers, and of
    course, the "new" guys, to whom all this tech is still very new a fun
    to play with...

    --Andrew
    --
    Composed with Newz Crawler 1.7 http://www.newzcrawler.com/
    Andrew, Jun 30, 2004
    #4
  5. Steve H.

    Kleeb Guest

    On Wed, 30 Jun 2004 16:36:50 -0400, "Andrew" <>
    schrieb:

    >Then why not put the same info on a postcard? Do postmen read all the
    >postcards they deliver? Nope. Too much mail to deal with... But they
    >read some. And so do IT staff, but those with an axe to grind, the
    >bored (as you mention), the curious, the office stalkers, and of
    >course, the "new" guys, to whom all this tech is still very new a fun
    >to play with...


    Good points. I've gone on minature 'crusades' about privacy, metaphorically
    speaking, particularly with regard to encrypting emails, but I've come full
    circle again and decided it just isn't worth my effort.

    If people really are concerned, they'll find out for themselves. They don't
    need me whinging on at them.

    I actually think it's quite healthy to be a bit paranoid. The trouble is,
    you can always get *more* paranoid, but never *less* paranoid than what you
    currently are. At least in my case. :)

    Regards,

    Kleeb.
    Kleeb, Jun 30, 2004
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. geothermal

    Free Web Based Email List

    geothermal, Apr 12, 2004, in forum: Computer Support
    Replies:
    12
    Views:
    696
    Blinky the Shark
    Apr 25, 2004
  2. Alex Vinokur
    Replies:
    2
    Views:
    2,804
    Kath Adams
    Jun 18, 2004
  3. steve h.

    Web-based email security question

    steve h., Jun 30, 2004, in forum: Computer Support
    Replies:
    2
    Views:
    380
    Plato
    Jul 1, 2004
  4. vbMark
    Replies:
    5
    Views:
    629
    pcbutts1
    Jul 28, 2005
  5. smackedass
    Replies:
    3
    Views:
    451
Loading...

Share This Page