Author Topic: YahooMail Is So Bad That Congress Just Banned It (Read 960 times)

perknh · « **on:** May 10, 2016, 11:49:14 pm »

YahooMail Is So Bad That Congress Just Banned It

By William Turton for Gizmodo

http://gizmodo.com/cyberattack-leads-to-a-yahoomail-ban-on-capitol-hill-1775851542

AndyInMokum · « **Reply #1 on:** May 11, 2016, 01:52:21 am »

Quote from: perknh on May 10, 2016, 11:49:14 pm

YahooMail Is So Bad That Congress Just Banned It

By William Turton for Gizmodo

http://gizmodo.com/cyberattack-leads-to-a-yahoomail-ban-on-capitol-hill-1775851542

The solution is relatively easy. First and foremost, train the staff better

. Then install Linux based desktop machines and use a decent DNS service.

Quote

The recent attacks have focused on using .js files attached as zip files to e-mail that appear to come from known senders.

When opening an attachment, Windows based machines just look at the file extension. It says it's a JPEG, therefore it must be a JPEG

- yeah right

. Linux machines will examine the content of the attachment and warn the user if it doesn't match the extension

. Even if the user ignores the warning and opens the attachment, the worst that can happen, is the machine gets infected locally. Naturally, the /home folder will be well backed up for just such occasions. This makes restoring the machine to working order very easy. This is a great example of why you should NEVER use your computer as /root, unless it's absolutely necessary

.

Quote

...“We take the security of our users very seriously, and we’re collaborating closely with House IT staff to ensure that they have the right solutions in place to best protect their accounts.”

Will they use the most cost effective and the most logical solution? I seriously doubt it

.

Capivara · « **Reply #2 on:** May 11, 2016, 02:48:38 am »

Now why do I get the feeling that the so-called 'Technology Service Desk ' misses the point completely?

zebedeeboss · « **Reply #3 on:** May 11, 2016, 02:56:24 am »

Hi All

Having worked on a "Service Desk" for a number of years as both an Operative and a Manager, I can only feel HUGE empathy for them when dealing with "users". No matter how many times you tell people "Do not open that Door" "Turn on the light" "Do not go out there alone" "Don't click that link" $:-\$ $:-\$ $:-\$ $:-\$ They go ahead and do it anyway.

Oh where Oh Where Oh Where did Common Sense run away too. Please come home soon.....

ps Sometime the "sledge hammer" approach is what makes people wake up and listen

scifidude79 · « **Reply #4 on:** May 11, 2016, 10:06:55 am »

Honestly, in 2016, who's stupid enough to open an e-mail from an unknown sender and download the attachments? $:-\$ Oh, that's right, this is the US Government here. Asked and answered.

Capivara · « **Reply #5 on:** May 11, 2016, 10:52:12 am »

Quote from: scifidude79 on May 11, 2016, 10:06:55 am

Honestly, in 2016, who's stupid enough to open an e-mail from an unknown sender and download the attachments? $:-\$ Oh, that's right, this is the US Government here. Asked and answered.

I think that is not the case. More often than not an e-mail appears to be from a person you know and present in your contact list. It takes only one worm to harvest a complete contact list and put these in a spam database, which at a later stage will be used for social engineering.

What baffles me is that people working for a government agency are allowed to read their personal e-mails on a company computer at all. At the company I once worked for we had two separate networks which were not connected in any way. One was 'business only' with limited (VPN office to office) or no access to the outside world, the other was a playground of sorts. The latter was never used to store important files. If something went wrong nobody could care less.

scifidude79 · « **Reply #6 on:** May 11, 2016, 01:19:30 pm »

Yeah, that's actually been a hotly debated issue lately. Some people are up in arms about a certain Presidential candidate using a private e-mail server for classified e-mails. They shouldn't be allowed to use them for any job related e-mails or, as you said, access them on government computers.

VinDSL · « **Reply #7 on:** May 12, 2016, 06:47:33 am »

Quote from: scifidude79 on May 11, 2016, 10:06:55 am

Honestly, in 2016, who's stupid enough to open an e-mail from an unknown sender and download the attachments? $:-\$ Oh, that's right, this is the US Government here. Asked and answered.

Here's a twist for you ...

I know a guy that hates his company so much, he purposely opens every email, downloads every attachment, and so forth, and so on.

I imagine there are many, many government employees that share the same attitude. LoL

It's one of those passive/aggressive things.

scifidude79 · « **Reply #8 on:** May 12, 2016, 09:30:23 am »

It's also one of those incredibly stupid things. If you hate your company that much, quit. Don't intentionally try to infect their computers.

Author Topic: YahooMail Is So Bad That Congress Just Banned It (Read 960 times)

perknh

YahooMail Is So Bad That Congress Just Banned It

AndyInMokum

Re: YahooMail Is So Bad That Congress Just Banned It

Capivara

Re: YahooMail Is So Bad That Congress Just Banned It

zebedeeboss

Re: YahooMail Is So Bad That Congress Just Banned It

scifidude79

Re: YahooMail Is So Bad That Congress Just Banned It

Capivara

Re: YahooMail Is So Bad That Congress Just Banned It

scifidude79

Re: YahooMail Is So Bad That Congress Just Banned It

VinDSL

Re: YahooMail Is So Bad That Congress Just Banned It

scifidude79

Re: YahooMail Is So Bad That Congress Just Banned It