Archive for month: June, 2009

Hackers Break Into Email of Company CEO For $10,000 Prize

11 Jun
June 11, 2009

As a promotional gimmick, StrongWebmail CEO Darren Berkovitz's Web offered a $10,000 prize to anyone who could break into his email account.  He even gave them the account username and password because he believed that the voice-based identification technology sold by its parent company, Telesign,would protect him.

Well, it took only days for the hackers to break in and claim the prize.  The hackers found the Web flaw within a minute, Secure Science chief scientist Lance James told IDG News, and then
spent about six hours perfecting their attack.

"They did it using an XSS script that took advantage of a vulnerability
in the backend webmail program," StrongWebmail said in a statement.  StrongWebmail said it was "not deterred" by the contest's quick
conclusion and would be launching a new competition once this bug was
fixed, IDG reported. "We won't rest until we have created the most secure email in
the world," the company said.

Email Spoof Shakes Up SEC Watchers

10 Jun
June 10, 2009

A four-page scathing email from Securities and Exchange Commission enforcement attorney Irene Gutierrez to her boss,SEC chairwoman Mary Schapiro, made quite a stir around Washington and New York. 

"Your attempt to take credit for the Reserve Primary Fund case
is another head-scratcher," the email stated. "According
to you, the investigation would have dragged on for years without your
intervention. Nothing could be further from the truth. That matter had
been identified as a high priority matter by people you have thrown
under the bus…"  (Washington Post)

The problem is that the angry, flaming, potentially career-ending email was a forgery.  Ms. Gutierrez quickly wrote her own email, the Washington Post reports:

"I apologize to everyone who received this email," she wrote. "My
blackberry was stolen and someone sent the message below. I did not
author this email nor do I know who did. I have notified my supervisors
and contacted the Security branch and they are in the process of
shutting off the blackberry."

Later, the SEC stated that the BlackBerry had not been stolen, but was misplaced.  "We have determined that the email was sent outside the agency's
network and the originating email address was spoofed," the spokesman told the Wall Street Journal
The email appeared to have been sent from a server in West Chester, Pa,
the publication reported. The location of the sender isn't known.

Of course, the real question, is how did somebody spoof an email address and successfully send the email to key individuals.  That should bear some investigation.

Email Complaints Are Safe in Indonesia … Trust Me

09 Jun
June 9, 2009

The Ministry of Information and Communications in Indonesia took the unusual step of trying to reassure citizens that complaining in an email is perfectly safe.  There is no need to worry about what might happen to you.  Of course, there is the annoying situation involving Prita Mulyasari.

Mulyasari, a 32-year-old, middle-income. mother of two children, is facing six years in prison and a nearly $100,000 fine, after she complained about her treatment at the Omni International Hospital in Tangerang, according to the Jakarta Post.  The email was originally private, according to reports.  The issue
appears to be that the content of the email became public when it was
posted in an online list that was visible by many.  The hospital responded by claiming defamation under the Indonesian criminal law, reports indicated.

She had already spent three weeks in custody without charge until public outrage at
her detention forced authorities to release her on Wednesday, according to The Australian.  With Indonesian elections coming up shortly, her case has attracted major politicians.  President Susilo Bambang Yudhoyonohas called on the courts to be lenient.

However, many individuals appear nervous about what they may write in email and how it could be used against them.

"There is no reason for the public to worry, or be afraid to use
telecommunication services or to communicate electronically," Ministry of Information and Communications spokesman, Gatot S. Dewa Broto, reportedly said by Antara, the Indonesian news agency.  "Legal regulations on individuals and groups of people or institutions
to have privacy in communicating electronically are already strict
enough."

Just Five Sentences

08 Jun
June 8, 2009

There have been a lot of messages about email overload.  I have even written a white paper about it and Safecore is a member of the Information Overload Research Group.   However, I have never seen something so simple and effective as the idea expressed in http://five.sentenc.es/

No, it is not an idea from a Spanish organization — as I first thought.  (.es is for Spain.)  Instead it is a simple idea for keeping emails short — which I will also try for this blog entry.

Catch The Google Wave

03 Jun
June 3, 2009

Google Wave is poised to revolutionize email. I am not only impressed by what I saw on the rather long video from the Google I/O conference, but I know it is important because my daughter, Gabrielle, told me so.

I like not having to use so many different programs and websites, instead I’ll have just have one venue for all of them,” she summarized it very well.

When you start with Google Wave, it can act like an email client.  If you are the only one of your contacts on-line, it can easily leave a message.  So far, so good.  But, if one of your contacts is on-line, it can turn your email into a conversation — in real time.  This is how the wave begins.  People can be regularly added to the conversation.  You can embed comments within another person’s message.  You can drag and drop multi-media content and more.  It is worth seeing the demos:

I was blown away by the real-time translation demo.  And, suddenly realize that I Google Wave may become so popular that I may need to soon register the domain name “Death By Wave.”