Re: Hacker Warning

lilypond-user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hacker Warning

From:	Michael Hendry
Subject:	Re: Hacker Warning
Date:	Fri, 13 Jul 2018 16:27:02 +0100

> On 13 Jul 2018, at 12:34, David Kastrup <address@hidden> wrote:
> 
> Michael Hendry <address@hidden> writes:
> 
>> I’ve recently received a message from a hacker who told me he knew my
>> password (and quoted it correctly), demanding money in bitcoin for not
>> forwarding details of my recent visit to a porn website to all my
>> contacts.
> 
> You make it sound like you use only one password for everything.

That was the way the hacker put it - without specifying what site the password 
related to, but I worked backwards from the quoted password.

> A bad
> idea.

Indeed.

I don’t think I had used nabble since 2015, and I did have one other website on 
which I had used the same password - by coincidence, I had accessed both on the 
same afternoon, but the first appeared secure (https:)

> 
>> I had been using nabble to access the list - I've never accessed a
>> porn website.
>> 
>> Firefox had warned me that the rabble site wasn’t secure when I logged
>> in.
> 
> That sounds like spoofing: not actually connecting to the site you think
> you are connecting to.  Misspelled names (i.e., rabble instead of
> nabble) can set oneself up with typo squatters.

Could be. But I used a copied-and-pasted URL to access the nabble site - 
http://lilypond.1069038.n5.nabble.com/Four-Bars-per-Line-System-again-td45952.html

I had copied this URL into a Lilypond file along with David Nalesnik’s 
excellent way of getting a four-bars-to-a-line layout for leadsheets, with 
sufficient flexibility to get (e.g.) the bridge section starting at the 
beginning of a line when the number of bars in the A section wasn’t divisible 
by 4.

I have checked my browser’s history for misspellings and have found none.

> 
>> I’ve deleted my nabble account, hence a couple of my messages to the
>> group have been deleted.
> 
> Deleting your nabble account sounds like pulling off the tractor
> ignition key after the mule has bolted.

Nice image!, but I decided I didn’t need to use nabble any more.

> 
> It doesn't sound like it will do much to address password
> vulnerabilities or spoofing.

I have taken steps to improve the security of my passwords.

Michael

[Prev in Thread]

Current Thread

[Next in Thread]

Hacker Warning, Michael Hendry, 2018/07/13
- Re: Hacker Warning, Simon Albrecht, 2018/07/13
  - Re: Hacker Warning, Michael Hendry, 2018/07/13
- Re: Hacker Warning, David Kastrup, 2018/07/13
  - Re: Hacker Warning, Michael Hendry <=
    - Re: Hacker Warning, Karlin High, 2018/07/13
    - Re: Hacker Warning, Michael Hendry, 2018/07/15
- Re: Hacker Warning, Joshua Stutter, 2018/07/13

Prev by Date: Re: Partcombine not working for orchestral parts?
Next by Date: Re: Hacker Warning
Previous by thread: Re: Hacker Warning
Next by thread: Re: Hacker Warning
Index(es):
- Date
- Thread