Two days ago, the email account of Ms. Sarah Palin, the current Governor of Alaska, as well as the Republican Vice Presidential Candidate's Yahoo! Email account - gov.sarah@yahoo.com was hacked. The nature of the hack is the well known "forgotten password" of Yahoo! link, which asks for some personal information before generating a new password. For a public figure like Palin, most of this information is not really private... which means the existing security measures need to be looked at in a different light. Even for normal ppl, the information is not too difficult to get, except that there are easier ways like keyboard logging, social engineering etc.Most services on the web try to escape this predicament, by giving the option of mailing your new password to your email address. But alas this cannot work email accounts itself. It is important that this issue be addressed by Yahoo! and other webmail providers, since there are many people who lose information through such loopholes.
On your end, to reduce the possibility of such attacks, you should give fake information for such email accounts to prevent public information on the website. And you don't have to give the real name of your pet either! And for the love of God, remember that information, since if you forget that, no one is helping you out.
The complete log of emails and information used to hack the account is available at the Wikileaks website.
No comments:
Post a Comment