Home | Cyber Crime | E-mail Hacking Shows Web Security Flaws

Cruise Vacations
Engagement Rings
Free Online Games
Gift Baskets
Handbags
Jewelry
Personal Loans
Real Estate
Shopping
Student Loans

SafetyIssues encourages consumers to read the labels and do the research before using any new products.

E-mail Hacking Shows Web Security Flaws

Staff writer for safetyissues.com

Font size:

Think before answering security questions

The recent hacking on the Republican vice presidential candidate has highlighted the weak security links in Web e-mail security.

Basically, the hacker (or, perhaps, hackers) appears to have exploited a weakness in the Yahoo e-mail service password reset system. Note that these password resetting systems are featured on many Web sites (not only on Yahoo!).

The personal details that made this possible — e.g. the birth date, zip code, school — were all found on online sources freely available to the resourceful Internet user.

Aside from finding a way to defeat the security procedure used in Yahoo’s password resetting system, the other significant aspect of the hacking was the perpetrator’s use of a proxy service (in this case, the CTunnel service) to cover their tracks and hide their real location.

The proxy service site is also used by users in schools and businesses who want to gain access to other sites that network administrators usually block.

The FBI and the Secret Service have already started formal investigations on the matter.

The son of a state legislator from Tennessee is reportedly the target of speculations about the hacker’s identity. A person posted a message on a popular /b/ board on the 4chan.org website, using the handle “rubico.” This handle has been linked to an email-address “rubico10@yahoo.com,” which in turn has been attributed to the state legislator’s son, a student at the University of Tennessee-Knoxville.

According to security experts, this multi-step but ultimately simple hack was made possible by fundamental problems associated with the security procedure in most public e-mail services, which rely largely on passwords. If someone wants to reset the password, the security questions posed by the e-mail service can be answered using data that can be supplied from public records or information available on the Internet. It is relatively easy for people to figure out the required information.

* The experts say security protocol in the public e-mail providers should set up more complicated questions that require not-so-obvious answers before passwords can be reset.

* It is also recommended that providers require and confirm an alternate channel, e.g. a secondary e-mail address, in order to reset passwords. It may also be necessary to authenticate IP addresses, especially in the case of requests to change the password originating from a computer that’s different from the user’s original IP.

* Experts also believe e-mail messages should be encrypted (both in storage as well as when in motion).

Safety Tip:

* Make your security question’s answer something that cannot be found on the Web. This may be one good time to provide a false answer (which only you can think of) to a security question.

Rate this article:

Email to a friend

To:

Bcc:

Your email address:

Message:
Print version
Plain text

Add to: Add to your del.icio.us

del.icio.us | Digg this story

Digg

Comments (39 posted):

AMINe Mamoun on 04/28/10 08:05:54

internet security

Lil Wayne Tickets on 07/03/11 05:06:45

hey,this is one of the best posts that I’ve ever seen; you may include some more ideas in the same theme. I’m still waiting for some interesting thoughts from your side in your next post.

roof repairs folsom on 07/10/11 03:26:21

Thank you for the posts. I found the information to be informative and useful.

Albany White Michaels Sectional on 07/12/11 07:41:22

This was a great post! Thanks so much for all the info!

Islam TV on 07/15/11 04:17:14

I appreciated this blog! Keep up the good work, I like your writing. I have gotten some good information here.

custom essay on 08/07/11 03:32:24

your post is good. . let me tell u one thing that Blogs have become latest and important source of quality free information on net people.

Discount Religion Jeans on 08/21/11 04:12:10

My dear friends, do you want to be <a href="http://www.fashionjeanshop.com
"title="http://www.fashionjeanshop.com">fashionable</a>? Just come in, please!
We are international trade that specializes in the<a href="http://www.fashionjeanshop.com"title="http://www.fashionjeanshop.com">True Religion Jeans</a>. Many different shapes and styles will fit you.Our products are authentic quality with original box. <a href="http://www.fashionjeanshop.com"title="http://www.fashionjeanshop.com">Discount True Religion Jeans</a> will cost you less money. So, please don’t hesitate, just contact us for details ! We will be your reliable business partner!
Welcome to our website: ==http://www.fashionjeanshop.com== Thank you!

dream vacation network on 08/23/11 07:09:32

The FBI and the Secret Service have already started formal investigations on the matter.

answering service for doctors on 09/13/11 09:36:46

proper investigation should be done regarding this matter.

Dream Vacation Network on 09/14/11 02:44:18

The post is actually the freshest on this laudable subject. I harmonize with your conclusions and will thirstily look forward to see your approaching updates.

virtual dedicated server hosting on 09/27/11 07:06:22

It is very informative and knowledgeable post shared on the site. The president has been declared security e mail hacking, nice services provided all of them.

Server Hosting on 10/02/11 08:41:31

Nice post and more informative post shared on the site because it has been define the e mail hacking that can be able to understand properly.

answering service company on 10/03/11 06:01:30

there are so many flaws in Web Security

developers of mobile apps on 10/08/11 07:29:13

Awesome post about Web security and I am so glad that I have found it. I will definitely bookmark this page and come here again in the future. Kind regards!

Tonight With Jasmine on 10/13/11 07:42:47

I saw this really great post today! Good share, great article, very usefull for us…thanks.

Credit Calculators on 10/16/11 06:06:27

this is really good post to have it .
thanks for sharing me.

Penelope on 10/17/11 05:10:01

For girls who are active in participating in beauty pageants, here are some question tips that might help you. Browse article at www.vssm.org

Penelope
www.vssm.org

aib internet banking on 10/19/11 12:44:46

This is quite a site. The article is clearly written and every point is factual and is no-nonsense. I have surf the internet looking for topics such as these

Florists in UK on 10/26/11 08:40:44

Thanks for nice information…..

professional answering service on 11/02/11 07:23:52

THERE IS ALWAYS A THREAT OF SECURITY ON WEB NO ONE CAN DENY THIS FACT.

CCNA Salary on 11/05/11 03:09:45

Thanks for the great information.. it was a great read

payday loans online on 11/13/11 06:40:39

This way he will become a well behaved dog so that he is happy and healthy always.

cheap car insurance on 11/14/11 12:07:50

I am so glad that I have found it. I will definitely bookmark this page and come here again in the future. Kind regards!

affiliates on 11/15/11 05:56:32

Hackers have been around since the dawn of computers, and since lately technology has been incorporated in the most intimate aspects of our lives, hackers are much more enticed to break into personal or corporate networks. I think cyber-criminals will be around no matter how advanced security systems become, because after all they're man-made and thus are prone to be flawed.

tv stand on 11/18/11 05:21:53

E mail hacking is a crime but we have to be alert. This is a great blog sharing this information.

louis vuitton uk on 11/24/11 10:25:13

nice post tahnkya

commenter on 11/27/11 01:30:56

love it! very interesting, i hope the incoming comments and suggestion are equally positive. Thanks for sharing this info like this one.

genevieve
www.tulleeho.org

Hébergement Web Canada on 11/28/11 04:27:32

Email hacking has become so common that no one should send confidential data through mail. Great information is shared here.

Seo Services on 12/04/11 03:12:19

enjoyed reading your blog...

SSL Certificate on 12/14/11 01:03:22

Informative article, I am truly happy to post my note on this blog . It helped me with ocean of awareness so I really consider you will do much better in the future.

Long Island School for the Gifted on 12/23/11 06:57:55

thanks for sharing this good post. now my computer will more safer than before i like this news it is so good....

valentines day flowers delivery on 01/01/12 06:37:29

E-mail Hacking Shows Web Security Flaws>>>>>>>>>>>>>>>>>>Thanks to publish this information very useful post I like your content, looking forward for your next post

Paper writing service on 01/16/12 06:26:30

Really nice blog this is and a great way to know the things which is necessary to know, great job you did.

music production on 01/27/12 05:42:39

Thanks for illustrating the commands. Without illustration it’s really tough to understand.

condominiums edgewater on 01/27/12 08:17:44

Excellent tips.Really useful stuff .Never had an idea about this, will look for more of such informative posts from your side.. good job...Keep it up.

Web Design Company on 01/29/12 09:36:48

Nice and informative post on awareness of mail security. It’s really necessary to have security option in our free mail services.

Volvo C30 Air Conditioner Compressor on 02/07/12 05:30:55

Well, I'm so delighted that I have found your post because I have been seeking some information regarding it for nearly 3 hours.

Richard F. Sands on 02/08/12 02:38:07

I believe the content matter here is rattling wonderful , appreciate it for your efforts. You should keep it up..

Good Reference on 04/25/12 12:06:19

I'm really appreciate by making my site one of your reference. It's a good choice or initiative. By keep visiting this site you can have more information about the things that you need. Keep posting.

Myka
www.n8fan.net
Good Reference