Gmail Calendar Documents Reader Web more »
Recently Visited Groups | Help | Sign in
Google Groups Home
news.admin.net-abuse.email
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Message from discussion Ameritrade Spam Again
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Seth Breidbart  
View profile  
 More options Jul 31 2006, 8:16 pm
Newsgroups: news.admin.net-abuse.email
From: se...@panix.com (Seth Breidbart)
Date: Mon, 31 Jul 2006 08:16:10 +0000 (UTC)
Local: Mon, Jul 31 2006 8:16 pm
Subject: Re: Ameritrade Spam Again
Forward | Print | View thread | Show original | Report this message | Find messages by this author
In article <19tqc2dntab4r81t1gm6ii2usbdsfkl...@4ax.com>,
Buss Error  <buss_er...@yahoo.com> wrote:

>On 28 Jul 2006 17:01:42 -0700, "Thomas" <tomwin...@gmail.com> wrote:

>>I have decided to perform an experiment. I have just updated my
>>ameritrade addresses to a set of 47 random characters, drawn from a
>>38-character pool (a-z, 0-9, dash, and period). Based on how slow
>>someone would have to check addresses to dictionary attack our server,
>>it would take 10^68 YEARS to guess this new email address if you ran
>>through every permutation.

>Also consider that you might be transiting someone sniffing traffic
>for email adresses between you and Ameritrade,

The next time that happens will be the first.

Someone who could sniff traffic could steal stuff a lot more valuable
than email addresses.

Also, they'd have to get them outgoing, since I only tell Ameritrade
my email address with https.  (And if somebody were sniffing incoming
to me, they'd get a lot more tagged addresses.)

>However, I agree, the most likely thing is Ameritrade has an insider
>leaking their mailling lists, followed by a comprimised system within
>Ameritrade itself.

Right.  Either way, Ameritrade is at fault.

>There are man in the middle attacks that will work with SSL, if you
>can get the browser to load a certificate.

If somebody could MitM against a stockbroker, they aren't going to
steal email addresses.

Seth


    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2010 Google