Security Basics mailing list archives
Re: How to secure my yahoo account
From: "DC O'Dcriscoll & Associates" <dcodriscoll () privacybasics info>
Date: Tue, 27 Jan 2004 14:36:54 +0000
How can you know if your yahoo account password has been cracked in case the cracker doesn't change it or manipulate any other data relevant to your account(for instance after reading your mails marks them as unread,etc)?My suggestion would be to avoid using a Yahoo account for anything that requires security.
Basically any webmail service such as yahoo has the same problem - you are trusting them to be secure with out them providing much evidence of how they are going about it. Even hushmail, which is supposed to over come all the security problems as with traditional webmail (encrypted storage and transmission of data) has this issue. Unless they completely throw open their software and architecture then you are just taking their word for it that they are doing what they claim to be doing.
Yahoo and Hotmail both have secure login but they then drop the https once you are in which I find irritating. For your situation, ideally they would provide some sort of time stamp message, saying something along the lines of 'you last logged in at...', but this presumes that the cracker has come through the front door.
There are techniques which can reduce the risk but they depend on the specific needs of your situation or where you think the threat is coming from - it depends on whether you think your yahoo account is being randomly accessed by a hacker, or specific targeting of your account is occuring.
Donal -- dcodriscoll () privacybasics info 40 Pinfold Lane, Lancaster, LA1 2BJ Tel: 01524 63935; Web: www.privacybasics.info Human oriented training and consultancy in security and privacy ---------------------------------------------------------------------------Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any course! All of our class sizes are guaranteed to be 10 students or less. We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, and many other technical hands on courses. Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off any course! ----------------------------------------------------------------------------
Current thread:
- How to secure my yahoo account Farid (Jan 20)
- Re: How to secure my yahoo account Byron Sonne (Jan 21)
- <Possible follow-ups>
- Re: How to secure my yahoo account Brecrost Jones (Jan 20)
- Re: How to secure my yahoo account Meritt James (Jan 20)
- RE: How to secure my yahoo account Duston Sickler (Jan 20)
- Re: How to secure my yahoo account DC O'Dcriscoll & Associates (Jan 27)
- Re: How to secure my yahoo account J. Yoon (Jan 20)
- RE: How to secure my yahoo account Moody, Chris (Jan 21)
- RE: How to secure my yahoo account J. Yoon (Jan 26)
- RE: How to secure my yahoo account D.E. Chadbourne (Jan 26)
- RE: How to secure my yahoo account Ferruh Mavituna (Jan 27)
- RE: How to secure my yahoo account Moody, Chris (Jan 28)
- RE: How to secure my yahoo account Ferruh Mavituna (Jan 28)
- RE: How to secure my yahoo account Ow Mun Heng (Jan 29)