It appears that cyber attacks are being stepped up and are being sponsored by people with deep pockets, such as national governments. This is an organized attack on all of us and we all need to be aware that plain language words or call signs are no longer an adequate safeguard against hacking.
The US NSA recommends a 10 character password to keep your PC secure. Here's a great document that should give us all a starting point to keep our systems safe: http://www.nsa.gov/ia/_files/factsheets/Best_Practices_Datasheets.pdf Putting together a 10 character password isn't tough - find a literary passage or writing that you're familiar with and choose the Nth character of each word. Substitute upper an lower case in a method that you can think of (every 3rd letter is uppercase or every vowel is replaced by a number, for example) and you have a secure password. A short (too short to be secure) example, using "Mary had a little lamb" and choosing the 3rd letter except when words are shorter than 3 would result in: "rdatm" Changing the vowels, it could become: "rd@tm" or "rd1tm" depending upon your own personal substitution rule, which you should know but never tell anyone! Again, this doesn't meet the 10 character rule - just choose a longer passage. If you want to change your password, just choose a different passage. If you use the same generation rule, you can change passwords forever by finding passages in a book on your shelf - and keeping track of them! Be safe out there and 73, Mickey N4MB On Mon, Oct 22, 2012 at 10:45 AM, Robert Costa, KB6QXM <kb6...@yahoo.com>wrote: > As this is a very interesting subject, wouldn't it be nice to just install > a application that would generate a complex password for you, then you > manually enter it once on the site, then after that, the application will > login for you. I know that these applications exist. > > 73, > Robert > KB6QXM > "Ham Radio Open Conversation" > Yahoo group owner/moderator > > > ----- Reply message ----- > From: "Richard Clafton" <rclaf...@riroc.com> > To: <rclaf...@riroc.com>, "'Rich - W3ZJ'" <r...@w3zj.com>, < > flexradio@flex-radio.biz> > Subject: [Flexradio] (no subject) > Date: Mon, Oct 22, 2012 7:22 am > > > Oh, yes...and for those who happen to be the owner of the offending > account? Change the password > to something a little more complicated. Your callsign is not sufficient > as they also build a > dictionary from the content of emails in the cracked account they are > gleaning your email address > from. > > Put some non-alphabetical characters in there. > > For example. > > 981@D0ntH@ckMe$ > > Once the password cracking engine exhausts the dictionary - it will drop > you off the crack list - > until it gets your email address supplied from another cracked account of > course. > > -- > Richard A Clafton | the brITish guy | W5\G7EIX > RIROC - Hosting - Development - Technology > http://www.riroc.com | rclaf...@riroc.com > "Jack of all trades, master of none, though often better than the master > of one." > > > -----Original Message----- > From: FlexRadio [mailto:flexradio-boun...@flex-radio.biz] On Behalf Of > Richard Clafton > Sent: Monday, October 22, 2012 9:11 AM > To: 'Rich - W3ZJ'; flexradio@flex-radio.biz > Subject: Re: [Flexradio] (no subject) > > These are not Virus generated. These are compromised accounts. They > use brute force dictionary > attacks direct on the SMTP connector of Yahoo, Hotmail etc to crack the > password - as this method > does not lead to a locked out account. If you use a simple password, > then it is only a matter of > time before your account becomes one of the spam senders. > > The days of virus spam bots on machines are dying out, there is no need to > do that anymore as > people are lax with their passwords and make them easy to crack. Once > they gain access to your > account, then they will spam everyone in your address book. This > includes reflectors (easy now as > you have an authenticated account). And replying to one of these simply > gets you on the crack > list and spam list. Best just to block the offending account from the > reflector and you own > email. > > You can simply check the X-Originating IP of these emails to find they > originated from a machine in > a foreign land - this one for example came from a machine in Germany (a > university). > > -- > Richard A Clafton | the brITish guy | W5\G7EIX > RIROC - Hosting - Development - Technology > http://www.riroc.com | rclaf...@riroc.com > "Jack of all trades, master of none, though often better than the master > of one." > > > -----Original Message----- > From: FlexRadio [mailto:flexradio-boun...@flex-radio.biz] On Behalf Of > Rich - W3ZJ > Sent: Monday, October 22, 2012 8:47 AM > To: flexradio@flex-radio.biz > Subject: Re: [Flexradio] (no subject) > > I own two fairly large Yahoo reflectors, DXLab and SteppIR, and have > been receiving dozens of those scam messages both via the reflectors and > privately. Fortunately, most of the people sending the scam are > moderated on my reflectors so very few of them are getting through to > the lists but it is wide spread and attacking a lot of hams. Most of it > seems to be from people using Msn, Gmail and Yahoo mail. > > 73, Rich - W3ZJ > > w...@att.net wrote: > > Hello Dan R. > > > > Please check your computer. You have a virus. The link you sent is a > > scam. Looks like they got into your email list and sent this using > > your email list. > > > > 73, Bruce > > > > -----Original Message----- From: Dan R > > Sent: Monday, October 22, 2012 9:05 AM > > To: dwa...@missouristate.edu ; e...@qrv.com ; ejh14...@comcast.net ; > > flexradio@flex-radio.biz ; fra...@flex-radio.com ; w...@decaturwb.com > > ; hamf...@hughes.net ; ital...@tds.net > > Subject: [Flexradio] (no subject) > > > > http://elpostreweb.com/wp-content/plugins/akismet/Boriers.php > > > > _______________________________________________ > > FlexRadio Systems Mailing List > > FlexRadio@flex-radio.biz > > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > > Knowledge Base: http://kc.flexradio.com/ Homepage: > > http://www.flexradio.com/ > > > > _______________________________________________ > > FlexRadio Systems Mailing List > > FlexRadio@flex-radio.biz > > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > > Knowledge Base: http://kc.flexradio.com/ Homepage: > > http://www.flexradio.com/ > > > > > _______________________________________________ > FlexRadio Systems Mailing List > FlexRadio@flex-radio.biz > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > Knowledge Base: http://kc.flexradio.com/ Homepage: > http://www.flexradio.com/ > > > > _______________________________________________ > FlexRadio Systems Mailing List > FlexRadio@flex-radio.biz > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > Knowledge Base: http://kc.flexradio.com/ Homepage: > http://www.flexradio.com/ > > > > _______________________________________________ > FlexRadio Systems Mailing List > FlexRadio@flex-radio.biz > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > Knowledge Base: http://kc.flexradio.com/ Homepage: > http://www.flexradio.com/ > _______________________________________________ > FlexRadio Systems Mailing List > FlexRadio@flex-radio.biz > http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz > Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ > Knowledge Base: http://kc.flexradio.com/ Homepage: > http://www.flexradio.com/ > -- Mickey Baker, N4MB Fort Lauderdale, FL *“Tell me, and I will listen. Show me, and I will understand. Involve me, and I will learn.” *Teton Lakota, American Indian Saying. _______________________________________________ FlexRadio Systems Mailing List FlexRadio@flex-radio.biz http://mail.flex-radio.biz/mailman/listinfo/flexradio_flex-radio.biz Archives: http://www.mail-archive.com/flexradio%40flex-radio.biz/ Knowledge Base: http://kc.flexradio.com/ Homepage: http://www.flexradio.com/
