From: gts (gts_2000@yahoo.com)
Date: Sun Feb 23 2003 - 16:56:43 MST
Dossy wrote:
> Is the email address you use common enough knowledge?
Yes, the one in question was, though it is not the same one I use here.
> the only challenge is getting your password. It probably wasn't
> longer than 8 characters, was it?
I know better than to answer a question like that online. ;-) The password
in question is still "out there," though I have changed my email
addresses/usernames/passwords on the sites that concern me most.
> > This person then impersonated me on the relevant site and used the
> > resulting record of my activity in an effort to disrupt my personal
> > life in a very destructive way.
>
> That sucks. No matter what, that's a real drag.
Yes.
> > My PC is generally not physically accessible to anyone other than
> > myself.
>
> What do you mean by "generally"? How often is your PC physically
> accessible to someone else? Once a week? Once a month?
Basically, never. I can't think of a time that anyone had access to this
computer without my close supervision, which is not to say it's never
happened.
> Occam's Razor would say your little conspiracy theory is a bit unlikely.
If you knew more about my life and the placement of my computer then I think
you find my remote keylogging theory to be the best explanation.
> > I am running Windows XP Home Edition. Until a couple of week ago I was
> > connected 24/7 via DSL, but in the last few weeks I have been using
> > dialup only.
>
> h0 h0 h0! Windows XP 0wned Edition connected 24/7 by DSL. I bet you
> probably didn't keep up with the latest security patches as they
> immediately came out, did you?
Actually I do. I'm set up to automatically download and install every patch.
> Did you know enough to rename your owner account? And put a password on
> it?
I've had several different user accounts on my own PC over several different
installations, each one a renamed admin account. One of them used the same
password as that used on the hacked site. Stealth software capable of
recovering that owner password would have helped the hacker.
> Anyone running Windows XP (Home or Pro, but /especially/ XP Home) should
> at least glance over this web page at least three times:
>
> http://www.blackviper.com/WinXP/supertweaks.htm
>
> Specifically, number 12 which I'll quote here:
Very interesting (and another thing to be alarmed about).
However I don't believe I've ever used the default owner/admin account
without first renaming it.
> If I were a betting person, I'd bet you a nickel that you got socially
> engineered or shoulder surfed, and not keylogged.
Yes, social engineering is quite possible, as is shoulder surfing, though
I'm usually extremely careful about the latter.
In case I haven't made it clear, my focus on anti-keylogging is due in part
to the fact that I have another password, one which I use for high security
purposes (e.g., encryption of data files). I'm most concerned about that
password, and it's not one that would normally be accessible via such things
as social engineering and shoulder surfing. Probably only a keylogger could
capture it, because I use it only rarely, (never on websites), and because I
am in general very careful about its use.
Thanks for all your advice.
-gts
This archive was generated by hypermail 2.1.5 : Sun Feb 23 2003 - 17:05:37 MST