The University of East Anglia's Climatic Research Unit suffered a security breach this week. Hackers made off with thousands of email correspondences between some of the world's top climate scientists, and posted them to the Internet¹.

Tony Hake has posted an article at The Examiner, highlighting what he feels are the most egregious examples of scientists manipulating and hiding data to support the established theories about Climate Change. Some of the scientists involved counter that the quotes are taken out of context, and that "People are using language used in science and interpreting it in a completely different way".

¹ I'm not going to link to them, but the Examiner article mentions where to get them.
posted by Who_Am_I on Nov 20, 2009 - 114 comments

The latest paper-based video from the folks at Common Craft. This video explains the ins and outs of phishing scams. Show it to your less web-savvy brethren.
posted by dbarefoot on Oct 21, 2008 - 5 comments

The owners of the domain donotreply.com get a lot of mail. [via]
posted by Armitage Shanks on Mar 19, 2008 - 68 comments

Security, the TSA, and the No-Fly List You would think that our National Security apparatus would be like the TV series "24", with the most ingenious and sophisticated technology available. You would be wrong. Disclaimer: TSA is not an intelligent intelligence agency. Here's a blurb from the resume of the designer(Kenneth Mack) of the application the airline industry uses for *PDF* managing their employee data and the cross-checking them with the no-fly list:

- Sr. Developer: Developed a program [for Goddard Technologies] that uses the "No-Fly List" Excel spreadsheet, provided by the FAA and the database of badged employees to permute the name combinations. It takes into consideration multiple first and middle names, with Soundex and the various "initial" combinations. This program reduced the time for comparison from 3 days to 10 minutes.

The scary yet interesting part of all of this is that the No-Fly List is nothing more than a password-protected spreadsheet (see this PDF). One would guess our Government's geeks would know that it's a bad idea to send email attachments containing social security numbers and dates of birth, unencrypted, over the internets, even if they might be terrorists.
posted by rzklkng on Jul 15, 2005 - 30 comments

GMail not-so-safe Mail. So apparentley GMail has a major exploit that's been discovered by an Israeli hacker. "Using a hex-encoded XSS link, the victim's cookie file can be stolen by a hacker, who can later use it to identify himself to Gmail as the original owner of an email account, regardless of whether or not the password is subsequently changed." And so the fun with GMail begins..
posted by mrplab on Oct 29, 2004 - 9 comments

E-mail snooping is legal. A U.S. federal appeals court set an unsettling precedent last week by ruling (PDF) that an e-mail provider did not break the law when he copied and read e-mail messages sent to customers through his server.
posted by homunculus on Jul 7, 2004 - 15 comments

While MS-bashing is often too easy, this statement about recent security holes seemed especially astounding: "Outlook Express ships with every Windows system, or rather as part of IE, so it's on every system. But unless it is configured to receive mail, you are not at risk," said Scott Culp, manager for Microsoft security response. Interesting. Unless it is configured to receive mail, like, you know, an email program.
posted by judith on Oct 11, 2002 - 30 comments

Those British boys at it again. It was like this during the war, y'know. I remember my old mate Alan Turing beating the system in much the same way. Saved the world he did. Tally-ho.
posted by feelinglistless on Apr 24, 2001 - 7 comments

Yet another outlook vulnerability. This one's significantly nastier than the previous ones, because it can attack and run programs on your computer as you download the email from your server
More >>
posted by cCranium on Jul 19, 2000 - 12 comments

Yet another reason why HTML email sucks. WebTV should limit incoming messages to plain text only, or at least let users turn off HTML rendering in their mail clients.
posted by mathowie on Jan 4, 2000 - 0 comments