Logo 19-Aug-01
Hotmail Blown Wide Open!

Still using Hotmail? You might as well post your messages on a public bulletin board - this latest compromise is TOTAL.

Home
Home

News
News

Topic
Topics

AAx
AAx
Services

Want to see the messages in someone's Microsoft Hotmail mail boxes? No problem! No problem at all. The nice folks at Root-Core have posted the method and the tools for your convenience. It isn't at all difficult - the instructions take about 1/2 a typewritten page, but with the scanning tool you needn't trouble yourself with the details.

Analysis

If, after various compromises, outages, spam attacks, administration problems, and Microsoft's raw intellectual property grab of everything passing through, you're still using Hotmail, perhaps you should ask someone to clobber you over the head with a clue, a really heavy clue.

HOTMAIL IS NOT SAFE. It isn't safe to have messages sent to your own Hotmail box, or to send messages to anyone else's Hotmail box. Get a real mailbox from a real ISP (Internet Service Provider).

Still not convinced? Let Nitrozac explain why Hotmail is not cool.

There's no question this latest exploit will be popular. When we downloaded it on Sunday afternoon the site was so busy it could only sustain 400 bytes per second over our DSL line. Every hacker, cracker and script kiddie in the world will be playing with this by the end of the day.

Keep in mind, As Microsoft implements their .NET initiative, they intend to store all your credit card and financial information, your appointment calendar and other personal details on their Passport site. Passport is the "security gateway" for Hotmail and other key .NET services. MSN and Hotmail users will be automatically enrolled in this system.

The good folks at Waggener Edstrom (Microsoft's main PR firm) will be up all night working out how to spin this one. We look forward to their craftsmanship in Microsoft's explanation of why this exploit is not a security problem for MSN / Hotmail users.

- Andrew Grygus

©:Andrew Grygus - Automation Access - www.aaxnet.com - aax@aaxnet.com
Velocity Networks: Network Consulting Service - Internet Service Provider - Web Page Design and Hosting
All trademarks and trade names are recognized as property of their owners