Skip to content

Posts from the ‘Hacking’ Category

9
Nov

HushMail – Not so Hush – Ouch !

Privacy takes another hit. HushMail is a product that allows users to encrypt their email and trust that their correspondence is private. I have had a paid HushMail account for a couple of years now, and even when I messed up on changing my password, I was not able to get access to my HushMail account. Of course, I was using the downloaded javascript based applet, not to the new improved HushMail where the java applet resides on the HushMail servers out of Canada. From Wired, a well research article:

“Our policy is that we only release user information under court order from a court of British Columbia.
(http://www.hushmail.com/help-faqs#courtorder)

When a US agency requires information, they have to work in co- operation with Canadian authorities. While I’m not legal counsel, I believe that most of this is handled through the Mutual Legal Assistance (MLAT) process. From our perspective, the end result is always a Canadian court order. We comply fully with Canadian court orders, so long as they apply to specifically identified accounts as opposed to broad data collection.” Link

“The court revelation demonstrates a privacy risk in a relatively-new, simple webmail offering by Hushmail, which the company acknowledges is less secure than its signature product.”

9
Sep

PWN3D !

“419Eater DDoS’d?

We’ve had a report that the popular scambaiting site 419Eater and the anti-scam site Scamwarners are the latest anti-spam sites to fall victim to a distributed denial of service (DDoS) attack. Both sites are down at this time. Details are hard to come by, but there’s apparently been speculation that the attack originated from a Russian spamgang. ”

An interesting piece commenting on an underground virtual war happening over the web right this very second. The Denial of Service Attacks are apparently being launched by a humongous Army of Zombie Bot Nets:

“There have been reports that they have built up a botnet containing more than a million computers, not all of which are currently being used for stock and pill spam.”

Those organizations fighting the ‘good fight’ against spam and phishing scams are being taken down and off the grid right now as you read this post. Epic !