[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] (no subject)

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] (no subject)
From: badapple <ifindthatinteresting@xxxxxxxxx>
Date: Tue, 03 Apr 2012 18:22:43 +0100
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1333473799; bh=Dcbqp6ewCcL1TlaL338wO5nRkvnGlpdgHDouOz+e53k=; h=X-Yahoo-Newman-Id:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:Message-ID:Date:From:User-Agent:MIME-Version:To:Subject:References:In-Reply-To:Content-Type:Content-Transfer-Encoding; b=2VsgdHKCjdvldVikZ98dvpXG2AbW/ihRXket2qDvuRWbYSDLdVxNcRS0jeDvheGU8EOC6hRVaxZeDKU3FVLVTdTXH1LAFWoT6tThWcB22kQYxN3YPFhcdT1ow7+xwA1hcuKcIk9PBEWQWUee1pS56MTspIytf5pvNfdY71OyUwM=

On 03/04/12 17:46, Martijn Grooten wrote:
> On Tue, Apr 3, 2012 at 4:32 PM, badapple wrote:
>> this machine is clean
> I have no reason to assume that not to be the case. One of the things
> that people tend to overlook - and what I was referring to - is the
> case where they had checked their email a few weeks ago on their
> mate's computer. Which may have had a keylogger installed.

I definitely agree that for most people, this is a possibility - I
haven't checked my yahoo mail on anyone else's machine *ever* though. I
did create another Oracle download portal account tied to this address
on a friend's windows PC at the weekend, but my yahoo password was never
required. Also, said friend is a very experienced programmer and
although he does use windows, his laptop is fully updated and runs
microsoft security essentials, etc. On top of that, he's skilled enough
that I trust that machine to use putty to establish SSH tunnels to my
home systems so if that box was compromised I'd have a lot more problems
than two spam emails to deal with!

Considering that I've never used yahoo's webmail (only thunderbird/apple
mail/pine/mutt as suitable to the machine I'm currently on) through a
browser in my life, use strong machine-generated salted passwords with
no reuse whatsoever and am currently working on a fresh
hardware/software build barely 24 old I'm pretty mystified. The
workstation temporarily taken down yesterday was clean too - again, that
machine has the keys to the kingdom on it so if was keylogged or
otherwise compromised my SSH keys to god only knows how many high-value
targets would now be in the wild.

Still following up on the highjacked Japanese forum angle but I've got
SSH access to the logs now and everything looks ok at first glance...

I will get to the bottom of this though, and will let you know if I can
find a definitive answer. Thank god it wasn't my gmail or private
account though, yahoo must have been the low hanging fruit I guess.

Cheers,

Mat

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] (no subject)
- From: Martijn Grooten

References:
- [LUG] (no subject)
  - From: bad apple
- Re: [LUG] (no subject)
  - From: badapple
- Re: [LUG] (no subject)
  - From: Martijn Grooten
- Re: [LUG] (no subject)
  - From: badapple
- Re: [LUG] (no subject)
  - From: Martijn Grooten

Prev by Date: Re: [LUG] (no subject)
Next by Date: Re: [LUG] (no subject)
Previous by thread: Re: [LUG] (no subject)
Next by thread: Re: [LUG] (no subject)
Index(es):
- Date
- Thread