[Year 12 IT Apps] (no subject)

[Mark]

Hi Jackson.
I'd guess the main technique would be phishing - the human is always the
quickest and easiest weak link in any technological security chain, and
some modern phishing can be VERY convincing (e.g. embedding attack code
into a legitimate webpage.)

Why Yahoo?  I'd say it was purely return on investment due to bulk targets.
Attack the sites with the maximum number of potential victims... the same
logic is used by virus/worm writers who attack Windows instead of Mac and
Linux (leading Mac users to crow smugly and erroneously about their
perceived invulnerability: it's just that the Mac userbase has not until
recently been big enough to justify good hacking time.)

And maybe Yahoo's creaking old infrastructure is weak and more easily
breached?  Let's see what Marissa does about it.

Cheers
Mark


On 16 April 2013 12:52, Jackson Bates <bates.j at wcc.vic.edu.au> wrote:

> Oh wiser ones,
>
> I'm not much of a security buff, so I'm interested: what are the various
> methods spammers and crooks use to infiltrate our email addresses?
>
> My guesses are brute-force / dictionary attacks (but I imagine yahoo et
> al. block repeated guesses or use captcha), phishing, malware/Trojans (not
> sure what these would do - capture keystrokes?).
>
> And do http://www.seller-service.com/ (for example) know they are hosting
> whatever resides at '/qlsnthcd/1tni5/gyqid3oo/x71m/1695jqh' or has it been
> snuck on to their server (and again, how? SQL injection leading to access
> to admin panel?)
>
> Slightly off-topic, but loosely relevant to U4O2...and asking here means I
> don't spend the rest of the afternoon Googling it :)
>
> Aside: Why does it always seem to be Yahoo?
>
> Thanks for anything that abates my curiousity,
>
> Jackson Bates
> Waverley Christian College
>
>
> --
Mark Kelly
mark AT vceit DOT com
http://vceit.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.edulists.com.au/pipermail/itapps/attachments/20130416/e9ee0c2d/attachment.html