Re: [OT] Has my e-mail account been hacked?

To: debian-user@lists.debian.org
Subject: Re: [OT] Has my e-mail account been hacked?
From: Stephen Powell <zlinuxman@wowway.com>
Date: Tue, 13 Oct 2015 22:21:08 -0400 (EDT)
Message-id: <[🔎] 923531702.50253824.1444789268113.JavaMail.zimbra@wowway.com>
In-reply-to: <[🔎] 20151013225758.GC14749@copernicus.demon.co.uk>
References: <[🔎] 1667908699.49175606.1444661022955.JavaMail.zimbra@wowway.com> <[🔎] 20151012163627.GE8414@copernicus.demon.co.uk> <[🔎] 616803017.50164765.1444776204617.JavaMail.zimbra@wowway.com> <[🔎] 20151013225758.GC14749@copernicus.demon.co.uk>

On Tue, 13 Oct 2015 18:57:58 -0400 (EDT), Brian <ad44@cityscape.co.uk> wrote:
> 
> The comment was a general one and directed at all our readers. However,
> earlier you said "Someone discovered my password somehow". You have
> just demolished that guess as having no basis as a likely cause.

Likely, no, but still possible.  For example, when I update my web
pages, I use my ISP's FTP server.  Suppose someone else on my ISP's subnet
has a network sniffer in promiscuous mode.  The FTP server uses ordinary
unencrypted FTP.  The userid and password are sent in clear text.  I wish
they had an FTPS server, but the last time I checked, they didn't.  I use
e-mail solely through a web-based e-mail client.  When I login, I don't
know if the password is sent in clear text over the network or not.

That being said, if my password was obtained in this manner, I don't have
much of a defense against it.  If I change my password, they can get the
new one the same way as they got the old one.

Another possibility is a malicious web site that I may have unknowingly
visited that managed to find a password in memory, a cookie, etc.  So
despite all the precautions that I have taken, it is still possible for
a password to be "discovered".

Having said that, it looks like someone else's credentials may have been
used, based on some other posts to this thread.  But I am not an expert
in these matters.  That's why I asked for help.

-- 
  .''`.     Stephen Powell    <zlinuxman@wowway.com>
 : :'  :
 `. `'`
   `-

Reply to:

Follow-Ups:
- Re: [OT] Has my e-mail account been hacked?
  - From: Brian <ad44@cityscape.co.uk>

References:
- [OT] Has my e-mail account been hacked?
  - From: Stephen Powell <zlinuxman@wowway.com>
- Re: [OT] Has my e-mail account been hacked?
  - From: Brian <ad44@cityscape.co.uk>
- Re: [OT] Has my e-mail account been hacked?
  - From: Stephen Powell <zlinuxman@wowway.com>
- Re: [OT] Has my e-mail account been hacked?
  - From: Brian <ad44@cityscape.co.uk>

Prev by Date: Re: [OT] Has my e-mail account been hacked?
Next by Date: Re: [OT] Has my e-mail account been hacked?
Previous by thread: Re: [OT] Has my e-mail account been hacked?
Next by thread: Re: [OT] Has my e-mail account been hacked?
Index(es):
- Date
- Thread