What we’re reading, week of 9/22

Posted: September 22, 2008 in Highlights

Security bloggers are all over the story of VP nominee Sarah Palin’s hacked email account this week. Some of the best coverage:

From Zero Day…
Attacker: Hacking Sarah Palin’s email was easy
Dancho Danchev describes, step-by-step, exactly how Palin’s email was hacked. The key point of interest here is that none of the steps taken by the infiltrator required any advanced technical knowledge.

Later, from Zero Day…
Webmail and traditional e-mail face different threats
Adam O’Donnell discusses the different threat models to consider when using web-hosted email versus desktop-based email. He argues that in order to decide which option is more secure, a user must also take into consideration reliability and the risk of data loss.

Still later, from Zero Day…
Webmail providers can fix Palin hack-style problems
Finally, what can providers do to avoid this? Adam O’Donnell calls upon webmail providers to implement additional software and more secure procedures for handling password resets.

And from Errata Security…
How Sarah got her hack on
Robert Graham describes what can be done from a user perspective – and how high-profile, public persons need to employ a more thorough standard of personal IT security.
