[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: My fellow (Debian) Linux users ...

Uhm, ...

On Sun, Apr 13, 2014 at 4:31 AM, Ralf Mardorf <ralf.mardorf@rocketmail.com> wrote:

> Well.. do be aware that as of mid-last week, any messages sent from
> a yahoo mail account are pretty likely to bounce from other
> yahooaccounts, rcn, hotmail, comcast, and other large mail systems.
> See "Yahoo breaks every mailing list in the world including the
> IETF's" http://www.ietf.org/mail-archive/web/ietf/current/msg87153.html
> That could be impacting some folks on this list.
> Miles Fidelman

Thank you Miles,


I read the archive, so I saw your mail, however, my rocketmail (yahoo)
mail did came through the lists, my original mail address, (I was
subscribed to Debian user and Debian BSD and I'm still subscribed to
Debian OT) is an alice-dsl.net address.

I didn't check http://www.bsi.bund.de/DE/Home/home_node.html, but AFAIK
rocketmail and alice passwords were not hacked, while most others, such
as gmail were hacked.

In what sense do you mean hacked? 

Cracked, as in passwords and other sensitive information now known to be exposed and in the hands of persons/organization who will misuse such?

Potentially, but not known to be, exposed? 

Contents hacked (mucked up) by the D-MARK, uhm, DMARC fiasco?

Mail-bombed through the conflux of the DMARC issues and the openssl issues?
What email account should we use :D?!

That is not a new question, but then the DMARC fiasco is several months old news by now, except in the aftermath, and is just a follow-on to the general problem of "When do we give in and admit that universality necessarily requires limits to functionality?" and the corollary problem of "When will we (the rhetorical "we") quit trying to force our own favorite functionality on the entire internet?" 

The openssl issues have been baking for how many years? Yeah, I do mean the heartbleed/beat/whatever vulnerability.

After these somewhat largish waves pass, we have to pick up the pieces with whatever works. 

That's one of the reasons I use gmail for mailing lists, and try not to depend on the internet at all for anything that would make me too vulnerable.

And I'll get around to changing my vulnerable passwords shortly, hopefully before anyone decides to spoof me on the mailing lists.

I think you should do what you are doing, monitoring the lists via the archives, and better options will open up in a few days or weeks when the providers where you are realize that they have to change to survive.

PS: Feel free to Cc me ;).

Joel Rees

Computer memory is nothing by fancy paper, and the CPU and I/O devices are nothing but fancy pens.

Reply to: