[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hacker Warning
From: |
Michael Hendry |
Subject: |
Re: Hacker Warning |
Date: |
Fri, 13 Jul 2018 16:27:02 +0100 |
> On 13 Jul 2018, at 12:34, David Kastrup <address@hidden> wrote:
>
> Michael Hendry <address@hidden> writes:
>
>> I’ve recently received a message from a hacker who told me he knew my
>> password (and quoted it correctly), demanding money in bitcoin for not
>> forwarding details of my recent visit to a porn website to all my
>> contacts.
>
> You make it sound like you use only one password for everything.
That was the way the hacker put it - without specifying what site the password
related to, but I worked backwards from the quoted password.
> A bad
> idea.
Indeed.
I don’t think I had used nabble since 2015, and I did have one other website on
which I had used the same password - by coincidence, I had accessed both on the
same afternoon, but the first appeared secure (https:)
>
>> I had been using nabble to access the list - I've never accessed a
>> porn website.
>>
>> Firefox had warned me that the rabble site wasn’t secure when I logged
>> in.
>
> That sounds like spoofing: not actually connecting to the site you think
> you are connecting to. Misspelled names (i.e., rabble instead of
> nabble) can set oneself up with typo squatters.
Could be. But I used a copied-and-pasted URL to access the nabble site -
http://lilypond.1069038.n5.nabble.com/Four-Bars-per-Line-System-again-td45952.html
I had copied this URL into a Lilypond file along with David Nalesnik’s
excellent way of getting a four-bars-to-a-line layout for leadsheets, with
sufficient flexibility to get (e.g.) the bridge section starting at the
beginning of a line when the number of bars in the A section wasn’t divisible
by 4.
I have checked my browser’s history for misspellings and have found none.
>
>> I’ve deleted my nabble account, hence a couple of my messages to the
>> group have been deleted.
>
> Deleting your nabble account sounds like pulling off the tractor
> ignition key after the mule has bolted.
Nice image!, but I decided I didn’t need to use nabble any more.
>
> It doesn't sound like it will do much to address password
> vulnerabilities or spoofing.
I have taken steps to improve the security of my passwords.
Michael