This week Danish Tour de France rider Michael Rasmussen’s Hotmail was hacked.
Tour de France ended last Sunday and what a Tour de France. The Danish rider Michael Rasmussen had the yellow jersey and was a very possible winner. Due to some alleged lying he was fired four days before the Tour de France ended. What makes the story worse is, that no one has seen proof from Michael Rasmussen or his ex-team, Rabobank that he is lying or telling the truth. Denmark is a small country and we would have loved to see him win the Tour de France. The lack of evidence has caused a lot of speculation, so someone decided to dig up some evidence the illegal way – by hacking, or should I say cracking, Michael Rasmussen’s Hotmail.
How secure is your own webmail against unwelcome visitors, reading your digital information about your personal life?
Preliminary evidence indicates that the cracker either guessed Michael Rasmussen’s Hotmail password or mailed him a phishing file, maybe disguised as a supportive mail, that Michael Rasmussen activated.
Generally webmail isn’t very secure. It is based on one kind of security, the password, but if you chose a strong password chances that your webmail will be cracked are small. When creating a password always combine special characters, capital letters and numbers and be sure to make it a long one. At least eight characters. Yes I know, its a damn long and complicated password, but I’m sure you’ll think of something.
More security won’t be a hit
Where I work we have a IT-security department, they are nice and helpful, but paranoid guys. They see hackers everywhere and usually that collides with my consultant work. Anyway they told me about three things, paranoid IT-security guys work with.
- “Something you know” – usually a password
- “Something you have” – could be a digital signature or key
- “Something you are” – this could be biometric scan of your eye or fingerprint
Now how user-friendly would Hotmail or Gmail be with a digital security key and a scan of your fingerprint? I doubt they would get a lot more customers, if they implemented these security solutions. Not to mention the extra need of customer support, configuration and maintenance. My own Internet Service Provider, TDC, has added digital signature to their webmail. I can use my digital signature to log on to my webmail without any trouble. In Denmark digital signature is pretty common. We use it to correct our tax form, access government websites and get bills from various public companies in a, well, virtual mail box.
A few useful links
The cracker of Michael Rasmussen’s Hotmail tried to sell the information obtained from Rasmussen’s inbox to a Danish newspaper (BT). The sports editor saw the subject field of various mails, but refused to read and print stolen mails. The police are now investigating.
If you are having trouble generating your own password here are a few sites that can help you:
- Goodpassword.com – lets you generate a password from 6-20 characters or a Leet (1337) password
- SuperGenPass – you create a bookmarklet, that you store as a favourite and every time you need a password, you let the bookmark handle it.
1 August, 2007
Current Affairs