Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Verizon Exposes the Wrong 1,200 Email Addresses

timothy posted about 6 years ago | from the but-this-was-the-before-picture dept.

Privacy 94

netbuzz writes "If you're going to market your expertise by inviting 1,200 IT professionals to a seminar about securing data and protecting personal information, it's probably a good idea to protect the personal information of those you invite. On Tuesday, Verizon forgot that advice and blasted each of the 1,200 email addresses to everyone on the list ... and they did it 17 times."

Sorry! There are no comments related to the filter you selected.

Blunder (5, Insightful)

mfh (56) | about 6 years ago | (#25331285)

Whenever email scripts have too many recipients, they do tend to refresh and try again, which can cause dupes. These addresses were likely supposed to be in the BCC field, or nonexistent (duh). So it was a mistake.

That's an embarassing blunder, to hold a seminar on keeping private info secure and then spamming who is attending the seminar. I wonder how much time they will spend on that blunder, explaining how it can happen to anyone, even the mighty Verizon, but this foolishness will not strengthen Verizon's sales pitch.

Spammers attend these conferences. Now spammers have known email addresses of everyone there.

This would only make a difference if spammers made money based on sending targeted email. They don't. They make money based on volume of addresses when a shady merchant pays them. So maybe they could make $25 on this list?

Apart from making one person in Verizon look stupid, this also enforces the theory that it only takes one idiot to... the whole internet.

Re:Blunder (2, Funny)

Anonymous Coward | about 6 years ago | (#25331331)

I wish there was mod points for long winded waste of time

Re:Blunder (3, Funny)

Ethanol-fueled (1125189) | about 6 years ago | (#25331499)

As your score(1, insightful @ 12:38pm pacific time) demonstrates, there are mod points available for short-winded wastes of time.

Re:Blunder (5, Funny)

Anonymous Coward | about 6 years ago | (#25332493)

you showed him dude, I certainly wouldn't want to be him because I would be reeling from that burn

Re:Blunder (5, Funny)

Spacepup (695354) | about 6 years ago | (#25331459)

Spammers attend these conferences. Now spammers have known email addresses of everyone there.

If it's just spammers attending, then they only got the email addresses of other spammers. The spammers can spam themselves all they want for all I care.

Re:Blunder (0)

Anonymous Coward | about 6 years ago | (#25332001)

Re:Blunder (5, Interesting)

omega_dk (1090143) | about 6 years ago | (#25332029)

That would be insightful, if it were not so clearly wrong. Plenty of spammers target specific individuals; see http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1259674,00.html [techtarget.com] for a specific example. Now, one could argue that targeting IT professionals would be an exercise in futility. Would you bet your livelihood on it? Would you bet access (possibly high-trust access, depending on how high up this IT professional is) to your company's network on it?

Because that's what's at stake. It's not a question of sending email selling \/|agra to these people. It's a question of a very specific, highly targeted spam operation with the express purpose of getting access to the networks of these specific individuals, in the hopes that they can provide the access the infiltrator would want to the company as a whole.

Now, I am not saying that this is a big deal; it's not like these emails wouldn't have been available from some other source than this email list. However, I will say that by completely dismissing an entire segment of spam email, that of targeted emails to specific individuals, you are unnecessarily lulling both yourself and anyone who reads your comment into a false sense of security. Highly targeted spam is a real risk; don't discount it as a very real attack vector. You must be ever vigilant, and I don't think you can be with that kind of attitude.

Re:Blunder (3, Interesting)

Obfuscant (592200) | about 6 years ago | (#25332411)

Now, one could argue that targeting IT professionals would be an exercise in futility.

Similarly, you'd think that spamming "postmaster" or "abuse" at a domain would be futile and wasteful, but I get more spam there than at my actual address.

Re:Blunder (3, Insightful)

AndrewNeo (979708) | about 6 years ago | (#25332577)

Probably because they assume it will be a valid address.

Re:Blunder (1)

Maserati (8679) | about 6 years ago | (#25339737)

At my domain blacklist-admin@ gets a surprising amount of spam.

Re:Blunder (4, Funny)

Anonymous Coward | about 6 years ago | (#25333055)

enforces the theory that it only takes one idiot to... the whole internet.

You accidentally... the internet? The whole thing?!

Re:Blunder (0, Redundant)

DarthJohn (1160097) | about 6 years ago | (#25335045)

enforces the theory that it only takes one idiot to... the whole internet.

You accidentally... the internet? The whole thing?!

1. Enforces the theory that it only takes one idiot to
2. ...
3. the whole internet

I think this meme must be dead

Re:Blunder (2, Informative)

dw604 (900995) | about 6 years ago | (#25333775)

I write email software [listmailpro.com] and there are ways to prevent this. The way I do it is insert rows into a queue table for each mailing, with each row containing the userid and messageid. As messages are queued to the SMTP server they are removed from this queue. The sending process checks in every 20 seconds. If a queue fails for more than 1 minute, it can be safely resumed with no duplicate messages. A further simple step is taken to prevent a "refresh" on the sending/queuing page. It seems to me they just need better software or a more competent advertising department.

Title is Misleading (4, Insightful)

rehtonAesoohC (954490) | about 6 years ago | (#25331335)

It's not that Verizon exposed "the wrong" 1200 emails, it's that Verizon exposed any email addresses at all.

/bad title?

Re:Title is Misleading (4, Insightful)

Anonymous Coward | about 6 years ago | (#25331373)

Sometimes you can get away with doing something stupid because nobody notices.

This was not one of those times.

Re:Title is Misleading (2, Interesting)

ta bu shi da yu (687699) | about 6 years ago | (#25333997)

Yup, time for a reply all.

I seem to remember a similar thing happened when a Univeristy made a similar stuff-up, and emailed a raft of journalists. However, in that case it actually brought together journalists who hadn't talk to each other in years.

Re:Title is Misleading (1)

mcrbids (148650) | about 6 years ago | (#25336459)

I remember receiving a spammy email like this. And just for giggles, I used "Reply All" and bitched to the sender about how all these email addresses are public knowledge, and about how all the recipients of the email were going to be spammed by any spammer with a worm on anybody's computer on the list, and how annoying it was to receive email like this with everybody on the "to" line...

By replying to all, everybody's address was on the "to" line.

Again.

Maybe I'm just sick. I don't know. But I did get a few responses from people like "Why did you send your reply to everybody?!?!?! Aren't you just making the problem worse!?!?!". But the funniest part is when one of these replies was sent - you guessed it - to everybody on the list.

It was like a barf storm [llnwd.net] of recursive spammy WTF [thedailywtf.com] s.

BWAAA HA HA HA HA HA!!! [dilbert.com]

Re:Title is Misleading (4, Insightful)

reymyster (521177) | about 6 years ago | (#25331391)

I believe the "wrong" referred to in the title meant to imply that it was particularly bad to expose these specific emails, like when people say "you just messed with the wrong guy"

Simple fix: boycot & save time (4, Interesting)

Alwin Henseler (640539) | about 6 years ago | (#25331785)

If I were one of those invited, then a thing like this would immediately make me loose interest in whatever they'd have to say. Show in advance you can't do yourself what you're preaching about. Duh!

I'd just decline the invitation, and spend my time elsewhere (probably more productive). If a majority of the invited folks would do this, the event would be dead in the water. Killed by stupidity of the organization.

Re:Simple fix: boycot & save time (3, Funny)

mrchaotica (681592) | about 6 years ago | (#25332021)

...a thing like this would immediately make me loose interest...

Why, was your interest tight before?

Re:Simple fix: boycot & save time (1, Interesting)

Anonymous Coward | about 6 years ago | (#25333021)

You're efforts are useless... people will never learn.

Re:Simple fix: boycot & save time (0)

dougisfunny (1200171) | about 6 years ago | (#25333175)

I would agree, it is funny though, in your post you said "You're efforts...."

Kinda the same thing he was pointing out.

Re:Simple fix: boycot & save time (0)

somersault (912633) | about 6 years ago | (#25333835)

its not exactly the same, than again it is similir, I to think I will loose my mind I want too take the live of all this stupid ignorant mutherfsckers who can knot spell too saev there live

Re:Simple fix: boycot & save time (1)

dougisfunny (1200171) | about 6 years ago | (#25335731)

Nothing was misspelled, just the wrong word was selected.

Re:Simple fix: boycot & save time (0)

Anonymous Coward | about 6 years ago | (#25336449)

and spend my time elsewhere

..changing your address?

Re:Title is Misleading (4, Insightful)

Gewalt (1200451) | about 6 years ago | (#25331405)

It's not that Verizon exposed "the wrong" 1200 emails, it's that Verizon exposed any email addresses at all.

If ever there was a worst-case-scenario set of 1200 email addresses, this list was it.

Re:Title is Misleading (1)

pjt33 (739471) | about 6 years ago | (#25331705)

Personal addresses of 1200 legislators, senior generals, and spooks?

Re:Title is Misleading (1)

ed.mps (1015669) | about 6 years ago | (#25335963)

that would be the best-case-scenario ;)

Re:Title is Misleading (4, Insightful)

Naughty Bob (1004174) | about 6 years ago | (#25331779)

If ever there was a worst-case-scenario set of 1200 email addresses, this list was it.

Yes and no. In terms of potential harm done, these people are much more equipped than your average person to be able to mitigate this fuck up.

On the other hand, if there was ever a subsection of people who you donn't want to piss off in this regard....

Re:Title is Misleading (3, Funny)

Teun (17872) | about 6 years ago | (#25332887)

No, no.

Verison is so sure about their new security policies that they wanted to show the experts that publishing their collective addresses is no longer a problem.

Re:Title is Misleading (1)

nog_lorp (896553) | about 6 years ago | (#25334211)

"The time has come for someone to put his foot down. And that foot is me."

Re:Title is Misleading (0)

Anonymous Coward | about 6 years ago | (#25335271)

If ever there was a worst-case-scenario set of 1200 email addresses, this list was it.

I don't know, I manage some mailing lists that include the personal email addresses of
quite a few A-list stars / models / musicians. They are all fairly rich powerful people and I wouldn't want
to have even one of them pissed at me for exposing their email address.....

I think I could live with myself if I was that verizon guy......

Re:Title is Misleading (2, Insightful)

PhrostyMcByte (589271) | about 6 years ago | (#25331425)

I read it as in "You've fucked with the wrong guy". All leaks are bad, but emails of people interested in "securing data and protecting personal information" are the last ones you'd want to leak.

I think it's awesome. (2, Insightful)

IdeaMan (216340) | about 6 years ago | (#25331921)

Maybe now we can have secure, authenticated email.
It's only laziness and the lack of any security mandates that prevents us from having decent email.

Re:I think it's awesome. (2, Insightful)

marcosdumay (620877) | about 6 years ago | (#25332227)

"It's only laziness and the lack of any security mandates that prevents us from having decent email."

I'm sure the lack of any authenticating authority doesn't make it any easier.

Standard spam form letter (1)

DarthJohn (1160097) | about 6 years ago | (#25335251)

Your post advocates a

(X) technical ( ) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
(X) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
(X) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
(X) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
(X) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
( ) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
(X) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
(X) Whitelists suck
( ) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
(X) Countermeasures must work if phased in gradually
(X) Sending email should be free
(X) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(X) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Title is Misleading (-1, Redundant)

Anonymous Coward | about 6 years ago | (#25331437)

They meant it in the "you messed with the wrong motherfucker" way. Not as in they had meant to expose some other 1200 email addresses.

Re:Title is Misleading (1)

Jherek Carnelian (831679) | about 6 years ago | (#25331567)

It's not that Verizon exposed "the wrong" 1200 emails, it's that Verizon exposed any email addresses at all.

It is a figure of speech - its like saying "The thieves choose the wrong van to break into when they burglarized an FBI SWAT team's van. [news4jax.com] " Breaking into a vehicle is wrong, no doubt, but some vehicles are more worse for the burglar than others.

Similarly, the most likely people to raise a ruckus and thus embarrass Verizon about poor emailing procedures are security pros. Do it to a buch of joe sixpacks and chances are they won't even notice, much less publicize it.

Re:Title is Misleading (2, Insightful)

Anonymous Coward | about 6 years ago | (#25332793)

That doesn't seem like the wrong van. Seems a reasonably high value score for robbing a van. They weren't caught (at least when that article was written) after all.

Re:Title is Misleading (0)

Anonymous Coward | about 6 years ago | (#25333131)

its like saying "The thieves choose the wrong van to break into when they burglarized an FBI SWAT team's van. [news4jax.com] "

Burgled [reference.com]

There, I correctized it for you...

Re:Title is Misleading (1)

Jherek Carnelian (831679) | about 6 years ago | (#25334443)

Burglarized [merriam-webster.com]
Burglarized [reference.com]

There, I correctized it for you...

That you did.

Re:Title is Misleading (1)

SL Baur (19540) | about 6 years ago | (#25342069)

"The thieves choose the wrong van to break into when they burglarized an FBI SWAT team's van."

Were they ever caught? YFL says:

The FBI asks anyone with information that could help recover the rifles to call their Jacksonville office at (904) 721-1211.

Seems to me that they got away with it and that's a heckuva better reward than could have gotten if they had broken into my car ...

This is Slashdot and if you're going to do a car analogy, you're going to have to do much better than that.

Re:Title is Misleading (5, Funny)

flyingsquid (813711) | about 6 years ago | (#25332497)

It's not that Verizon exposed "the wrong" 1200 emails, it's that Verizon exposed any email addresses at all.

While I agree that the email slip-up was pretty bad, I was more concerned about some of the other sensitive information that Verizon publicized. In addition to those 1200 emails, Verizon also emailed other sensitive information including:

1.the secret herbs and spices that go into KFC's chicken

2. the combination to the door of the Bat Cave

3.The location of Dick Cheney's 'undisclosed location'

4. The chemical composition of Kryptonite

5. The burial site of Jimmy Hoffa

6. the nuclear launch codes for U.S. Trident nuclear missile submarines

7. the full name, post office box address, and social security number of the The Good, the Bad, and the Ugly's Man with No Name

8. the address and repository information for that government warehouse that contains the Ark of the Covenant (it's on rack 12, shelf 7, box 336)

Re:Title is Misleading (2, Funny)

nog_lorp (896553) | about 6 years ago | (#25334353)

The chemical composition of kryptonite was already known - sodium lithium boron silicate hydroxide. And it exists in nature too!

Re:Title is Misleading (1)

narcberry (1328009) | about 6 years ago | (#25335327)

Oh, the news was they exposed the mailing list?

I thought it was that Verizon had figured out e-mail.

*clicks* Reply To All (0)

Anonymous Coward | about 6 years ago | (#25331337)

DOH!

Re:*clicks* Reply To All (1)

smashin234 (555465) | about 6 years ago | (#25331451)

Everyone has done this! accidently, purposely or just because. Although the irony here is killing me and you apperantly!

Homer Simpson indeed. Now if people just learned from this mistake the world would be a better place....oh wait never will happen.

Verizon responds (5, Funny)

MarkGriz (520778) | about 6 years ago | (#25331361)

"We just wanted to make sure you could hear us now"

Re:Verizon responds (-1, Redundant)

Anonymous Coward | about 6 years ago | (#25331463)

G0000000000000000000000000000000D

Your comment violated the "postercomment" compression filter. Try less whitespace and/or less repetition.

Re:Verizon responds.. Almost what *i* was thinking (1)

davidsyes (765062) | about 6 years ago | (#25331523)

...

"Can you READ me NEEOWWWWW???!!!"

Re:Verizon responds (1)

cmacb (547347) | about 6 years ago | (#25332479)

No, the typical inter office response is for the same stupid clerk who screwed up in the first place to first send out 1200 message retracts, followed by 1200 "Sorry, please ignore this message". After that of course the only slightly more clueful network administrator sends a message to everyone telling them not to send messages to everyone.

It can only get better from here.

Re:Verizon responds (0)

Anonymous Coward | about 6 years ago | (#25333725)

Good.

Very effective (1)

raistlinwolf (1365893) | about 6 years ago | (#25331427)

I'll bet they got their point across..

Re:Very effective (1)

eniacfoa (1203466) | about 6 years ago | (#25331625)

LOL, yep and also which company not to trust with sensitive information.

The reason is obvious (1)

DynaSoar (714234) | about 6 years ago | (#25331443)

Clearly, the email blorf and the conference itself are one in the same -- a cry for help from Verizon.

Next stop: (0)

Anonymous Coward | about 6 years ago | (#25331501)

Outbound filter to make sure that no email with more than one address in the headers ever leaves the mail server.

Times Time Times Time (3, Funny)

arizwebfoot (1228544) | about 6 years ago | (#25331519)

and they did it 17 times.

They were afraid that if they did it 18 times, it might look suspicious.

--
Oh Well, Bad Karma and all . . .

Re:Times Time Times Time (0, Offtopic)

TinFoilMan (1371973) | about 6 years ago | (#25331547)

It's what you get when you use Clinton's interns...

17 times

So if the story only gets reposted 16 times... (1)

Overzeetop (214511) | about 6 years ago | (#25331549)

Does that mean the Slashdot is more responsible than Verizon?

great (0)

Anonymous Coward | about 6 years ago | (#25331575)

It's all part of the plan. Now Verizon is going to charge me $0.50 a month to keep my information private.

I need to switch services.

I know this is /. and all... (-1, Flamebait)

Loopy (41728) | about 6 years ago | (#25331635)

...but maybe some of you could show that you do, in fact, have the capability to rub two brain cells together and distinguish between a clerical error and an actual security issue? I mean, we all know how easy it is to hate Big Infrastructure(tm) but sophistry doesn't help your arguments.

Re:I know this is /. and all... (1, Funny)

Anonymous Coward | about 6 years ago | (#25331755)

As you said, this is /. Appreciate the irony dammit...

Re:I know this is /. and all... (4, Insightful)

david_thornley (598059) | about 6 years ago | (#25331969)

Except that there is absolutely nothing to distinguish some clerical errors and actual security issues. If information is leaked by clerical error, it's leaked just as effectively as if it were hacked out of an on-line database through cross-site scripting. Maybe more effectively.

Re:I know this is /. and all... (0)

Anonymous Coward | about 6 years ago | (#25332797)

distinguish between a clerical error and an actual security issue?

And the difference is ?

Just more of the same from Verizon (2, Insightful)

Bryansix (761547) | about 6 years ago | (#25331685)

I am not surprised in the least that this happened coming from Verizon. They hire incompetent assholes all the time there. Their business model is how to screw the customer out of the most money and provide the least amount of service. I can't stand Verizon.

Note that their cell phone business is completely separate from the rest of the morons. Neither business unit talks to each other and neither knows what the other is doing. If the wireless side of the business had any brains they would split off and change names. Verizon is associated with incompetence and greed.

Re:Just more of the same from Verizon (0)

Anonymous Coward | about 6 years ago | (#25331939)

Not disagreeing at all, but I'm just glad to learn that they are actually sorta trying to get professional about data privacy. Hopefully they teach more about how to actually prevent breaches than how to B.S./misdirect/fake-apologize after one happens.

Re:Just more of the same from Verizon (1)

Lumpy (12016) | about 6 years ago | (#25332117)

Their business model is how to screw the customer out of the most money and provide the least amount of service.

This is the business model of EVERY wireless carrier. I have tried them all (in the USA) and have yet to find one that is honest and interestedin delivering good service. So I pick the lesser of all evils and switch when that one become more evil.

Re:Just more of the same from Verizon (1)

slimjim8094 (941042) | about 6 years ago | (#25332223)

You fucking kidding me? The wireless side is the problem - their other enterprises aren't great, but they're tolerable at least, and unobtrusive at best.

If Verizon-not-counting-wireless had any brains, they'd kick out VZW.

Re:Just more of the same from Verizon (1)

owlstead (636356) | about 6 years ago | (#25333311)

Well, I was just about to mod you informative, but the next Slashdot story:

http://mobile.slashdot.org/article.pl?sid=08/10/10/209209 [slashdot.org]

tells me they are trying for a merger instead. (Verizon to charge providers $0.03 per SMS).

Re:Just more of the same from Verizon (1)

Chrononium (925164) | about 6 years ago | (#25336453)

In a somewhat related matter, I once had the exact same thing happen when applying for a job at the NSA. They had us go through this whole song and dance about how we shouldn't disclose what we were doing in Maryland. Then they emailed us all after the interview process was over (which wasn't fun, btw) thanking us for coming out. Sadly, they must have mixed up the BCC and CC fields. I let them know, but they didn't seem to be perturbed.

Verizon's next product (1)

greymond (539980) | about 6 years ago | (#25331843)

Sweet, now maybe I can have Verizon start sending me more information on Breast Enlargement and Erectile Disfunction Pills.

If the invitees were really fortunate... (0)

Anonymous Coward | about 6 years ago | (#25331941)

...they weren't charged 3-cents for each of those messages.

Re:If the invitees were really fortunate... (1)

sexconker (1179573) | about 6 years ago | (#25334037)

.03 cents? What a steal!

They aren't the only ones (1, Funny)

Anonymous Coward | about 6 years ago | (#25331979)

Just this morning, I got an email from bandwidth.com addressed to 1250 other customers.

I guess it is good I went with them instead of verizon, now I have even more email addresses to spam!

Re:They aren't the only ones (0)

Anonymous Coward | about 6 years ago | (#25336849)

So yeah, my favorite post from that thread was this lady - she was nice enough reply to all 1250 people with her phone number as well:

I am sick and tired of this. I have a job, and it is not to read all of your bashing emails. Please grow up and get to work, Iâ(TM)m sure you can find something else to do. If you like them, fine; if you donâ(TM)t I donâ(TM)t truly care and would prefer to quit hearing about it. I swear my daughter spends less time on MySpace than you grown adults have spent on a simple error.

Take care,
Karla

866 870 9225 direct

515 987 9265 efax

khosting@cainc.us

The first step in securing their servers (0, Troll)

MikeV (7307) | about 6 years ago | (#25332007)

is to ditch the abysmal Micro$oft Exchange, and while they're at it, ditch Micro$oft altogether. I can't believe they think they have the expertise to host a security seminar and they still run on that rubbish. But they are pretty deeply in bed with Microshaft - you have to wonder what other sensitive data they've allowed to leak out - or rather, that they've sent out to any Tom, Dick and Hacker in the world thanks to their insistence of using Gate's solitare-playing software as if it's got enterprise capabilities.

Re:The first step in securing their servers (0)

Anonymous Coward | about 6 years ago | (#25336505)

Yeah, everyone remembers Windows as the OS that could be completely pwned if the user installed and ran Quake or Quake II [insecure.org] . Shit, that hack works on Linux too, sorry. Let me try again.

We all remember how Windows boxes were used to admin huge botnets of Windows computers. [slashdot.org] Ah, dammit, they were cracked Linux boxes doing the admin work. One more try.

You can bet your money on there never having been a rootkit for Linux! [stanford.edu]

Damn, I was so close.

I'll let you work out the moral of this story, but I can steer you onto the right track - next time you're going to prattle about the security of something, try picking something that has had more than only 6 vulnerabilities found in 2 years of release [secunia.com] , none of which allow privilege escalation and all of which have been patched.

You're barking up the wrong tree (0)

Anonymous Coward | about 6 years ago | (#25342115)

MSexchange sucks because its technology is worse than that of similar products, like VAXMAIL in the 1980s.

If you like dealing with email with stone knives and bearskins, more power to you, but the rest of us are laughing at you and how silly your email looks to the outside world.

Similar email blunde with bandwidth.com today too! (2, Interesting)

Anonymous Coward | about 6 years ago | (#25332095)

very strange coincidence indeed. Bandwidth.com blasted about 300 addresses in an email today as well - it's fun to see all the COO's, CIO's and CEO's of bandwith.com customers acting like children and trolls by 'reply-all'ing' and complaining about exposing their addresses.

Uh, hello mr. ceo - your reply is unsolicited - you are the SPAM you are complaining about!

what a weird coincidence.

Reply? (1)

chord.wav (599850) | about 6 years ago | (#25332327)

Didn't anyone replyed to all? I'd love to see the thread of flames.

So is this like (1)

Alzheimers (467217) | about 6 years ago | (#25332571)

They should have listened to that good advice that they obviously just didn't take.

Who would have thought ... it figures!

17 huh? (1)

JohnnyKrisma (593145) | about 6 years ago | (#25332619)

At least it was a prime number. I wouldn't mind it so much then. Had it been 16 or 18 though, damn I'd be angry.

This happens more than you think... (2, Interesting)

wiedzmin (1269816) | about 6 years ago | (#25332953)

I recall that last year SolarWinds' community website (Thwack) launch email was sent to all interested customers, also in the To: field. Some great email addresses those were - NASA, IEEE, California OES, Alabama, Washington, you name it - total of about 100 people... you should have seen those replies! SolarWinds gave everybody a shirt after :)

Ahem... (0)

Anonymous Coward | about 6 years ago | (#25333057)

Veriz-owned.

Just to get on /. (1)

ohxten (1248800) | about 6 years ago | (#25333199)

I betcha they did it just to get on Slashdot.

Re:Just to get on /. (1)

CorporateSuit (1319461) | about 6 years ago | (#25334149)

You mean Verizon is hosting a conference on security and data theft prevention? SIGN ME UP!

Re:Just to get on /. (0)

Anonymous Coward | about 6 years ago | (#25337353)

I detect a hint of sarcasm yet your nick makes me wonder if you are serious.

17 text messages from verizon (1)

FewClues (724340) | about 6 years ago | (#25335055)

yeah and wait until the sms message bills come in on those invites. Why would anyone mess with Verizon? Seriously!

In related news (1)

Korbeau (913903) | about 6 years ago | (#25335183)

My email recently got exposed to the wrong uncle! Please make those stupid animated love-and-nature Powerpoints stop!

The person responsible... (2, Funny)

v(*_*)vvvv (233078) | about 6 years ago | (#25335207)

is dead. No really, someone killed him already. Securely and anonymously. We have a list of 1200 suspects and their names. Actually, 1200 people have a list of 1200 suspects and their names.

Re:The person responsible... (1)

MR.Mic (937158) | about 6 years ago | (#25337783)

It was Colonel Mustard in the billiard room with the lead pipe.

What a coinsidence - bandwidth.com - same today (2, Insightful)

Anonymous Coward | about 6 years ago | (#25336771)

Some bandwidth.com representative sent an email to 1,300 of their customers this morning. The reply list was so big it crashed Evolution when opened.

One interesting thing about the event was that a great discussion raised from it. Customer's were bouncing ideas off each other, asking what their different configurations were, etc. Some were whining about the service or complaining that we should stop spamming them.

Then, shortly afterward, in the middle of some pretty decent discussion - the CEO of Bandwidth.com sends out an email saying that people are fired, they care about security blah blah..

What this guy failed to do was seize the moment and take the opportunity to start a blog or forum to keep the discussion going..Instead, he fired some poor schmuck(s) over an error that could of happened to anyone.

What about actually addressing some of the concerns and ideas that were brought up?

Just bad leadership from that guy - I would love his job.

Re:What a coinsidence - bandwidth.com - same today (0)

Anonymous Coward | about 6 years ago | (#25342171)

Customer's were ... Then, shortly afterward, in the middle of some pretty decent discussion - the CEO ... could of happened ...

Just bad leadership from that guy - I would love his job.

Considering the skills you have in written English ... if I were you, I would just be happy washing dishes or just thank $DIETY that you have a job and/or a welfare check.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?