Friday, October 21, 2011

[Electric Boats] Re: Spam - and something to do about it

 

I know that this is all off topic (no boats or batteries), however, I think that everyone here should have a vague idea of what just happened.

Yes Kirk, it has nothing to do with your personal machine. The hacking (pretty much all done with hacker 'bots/programs) takes place on your mail provider's servers. John is right that the 'bot sees the yahoo group address as just another email adddress. However, my wife's yahoo address book was hacked and she only uses a Macbook. So your personal choice for personal computing, e.g. Windows, Linux, Mac, etc. is irrelevent in this scenario.

For a definition, "Cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet)." So if you have an email account with Yahoo, Gmail, Earthlink, etc. then your email and address book are actually kept on your provider's network and these remote networks are now commonly referred to as "the cloud". You can tell that they're not inside your personal computer, because you can access them from other machines and places. In comparison, if you have photos stored on your personal machine, you can't pick them up with your phone or from a friend's house. If you put your photos on Picasa or some other sharing service, they're on "the cloud".

Since there is much more information in these service provider's systems than on your personal machine, the hacker 'bots are turned loose there, where they can find all sorts of information. Typically, these 'bots use brute force algorithyms to crack people's passwords and read the information (in this case, email addresses) inside. If your account gets hacked (your friends should tell you that they received "funny" emails from you), it appears that changing your password will usually stop the use of your adddress book. When you change your password, it turns out that if you include one special character (!, -, =, etc.), your password will be 10 times more resistant to brute force attacks.

The point I was making is to remove all yahoo group adddresses from your address book. You have no need to send an email directly to the group address, if you want to post something, go to the group and post it. Alternatively, you can reply to whatever email notofication that you receive from the group itself. If nobody has the yahoo group email adddress in their adddress book, then even if your address book does get "hacked", the rest of us won't get the subsequent spam.

Fair winds and safe computing,
Eric
Marina del Rey, CA

--- In electricboats@yahoogroups.com, Kirk McLoren <kirkmcloren@...> wrote:
>
> not from my machine. yahoo tech support knows all about it and has not solved it
> IT people tell me the 'cloud' got hacked?
>  
> -Kirk
>
>  
>
> ________________________________
> From: John Paramore <watertoyz@...>
> To: electricboats@yahoogroups.com
> Sent: Friday, October 21, 2011 4:46 PM
> Subject: Re: [Electric Boats] Re: Spam - and something to do about it
>
>
>  
>
> ... I think it's a bug or bot that sends random spams from a victim's
> address-book. A hacker wouldn't likely include something like a mail-
> list, but a mindless bot doesn't know and treats
> "electricboats@yahoogroups.com" as just another address like that of
> Aunt Maude. Also, as nearly as I can tell, this thing seems PC-
> only...So far Every one I've gotten hasn't come from a Mac or Linux
> product. Before anyone gets amped, what I'm getting at is that the
> bug seems built to target the most popular system.
>
> John
>

__._,_.___
Recent Activity:
MARKETPLACE

Stay on top of your group activity without leaving the page you're on - Get the Yahoo! Toolbar now.

.

__,_._,___

No comments:

Post a Comment