Category Archives: Computer Security

Mamadou Diallo still, inexplicably, using my email address all over the internet

For some inexplicable reason, some guy who identifies himself as Mamadou Diallo, a.k.a. Bouba Diallo, has been creating accounts all over the internet using my email address for over two years now. I’ve written about this several times before. It’s still going on… I just got email indicating that he created a Yahoo! account (“m.diallo76”)… Read More: Mamadou Diallo still, inexplicably, using my email address all over… »

Amend the ECPA to protect email privacy!

The privacy of our email is protected by the Electronic Communications Privacy Act, passed in 1986, which requires law-enforcement officials to obtain a warrant to intercept and read private email. However, the law has a critical flaw: it does not require a warrant for emails “left on servers” for more than 180 days. This made… Read More: Amend the ECPA to protect email privacy! »

Have you enabled do-not-track?

For a while now, the web browser vendors and major purveyors of targeted internet advertising have been working on a proposal for allowing users to prevent web sites from tracking their online activity and using it to “customize their web browsing experience,” a.k.a., displaying targeted advertisements which are, theoretically, tailored to the person viewing them.… Read More: Have you enabled do-not-track? »

How to misread statistics, ArsTechnica edition

A recent security breach exposed the plaintext usernames and passwords of almost 100,000 members of IEEE, the Institute of Electrical and Electronics Engineers. The usernames and passwords were discovered by a researcher in 100GB of log files inadvertently left open to the public on an IEEE FTP server. Leaving aside for the moment how incredible… Read More: How to misread statistics, ArsTechnica edition »

Craigslist email-reply scam and what Craigslist could do to fix it

UPDATE [2013-02-13]: According to this article on Craigslist, as of February 10, 2013, they have implemented and are testing the idea I described below for fixing the problem described in this posting. I recently placed a for-sale ad on Craigslist. I anonymized my email address in the ad, which means that the published email address… Read More: Craigslist email-reply scam and what Craigslist could do to fix… »

Post-mortem of security breach on my Linux server

On the afternoon of September 15, I started getting some strange email messages from cron on my Linux server, which hosts my email, blog, DNS, and several web sites for various non-profit organizations I’m involved with. (Background: One of the web sites, an old Drupal installation, handles scheduled tasks through a cron job that periodically… Read More: Post-mortem of security breach on my Linux server »

IMPORTANT UPDATE on Brave New Foundation and Nation of Change

I wrote several days ago about spam I received from Nation of Change at an email address which had previously only been shared with Brave New Foundation. Earlier today, I wrote about Nation of Change apparently attempting to cover their tracks after their unauthorized use of email addresses was discovered and reported by me. I… Read More: IMPORTANT UPDATE on Brave New Foundation and Nation of Change »

Nation of Change trying to cover their tracks?

I wrote recently about spam I received from a new, shady-seeming progressive organization called Nation of Change, sent to an email address that I had only ever used to subscribe to another organization’s mailing list. I asked a lot of questions about Nation of Change, and thus far they’ve failed to respond to any of… Read More: Nation of Change trying to cover their tracks? »