June 19th, 2002, 01:44 AM
A Little Note on ICQ Security.
I figured I would let this out to help prevent people from falling into this trap.
In ICQ some people for security reasons put fake e-mail addresses in there user info. This is a major security hole. Say I use the e-mail user contact as firstname.lastname@example.org. A hacker could see your info, and try opening an account in hotmail under email@example.com. If this e-mail address doesn't exsist you could open it, then send a request to ICQ that you lost your password and the password is sent to firstname.lastname@example.org thus giving the hacker your password. I saw this in a neworder.box.sk newsletter and figured I would let you all know. The original was in a newsletter and was written by email@example.com and I don't think he posted it to any site. For more info contact him.
June 21st, 2002, 10:03 PM
that's very interesting, thanks. Just like the thing on hotmail, all you have to do is guess thier country and then get their secret question right. If it is a stupid question like "what is my dog's name?" then anyone that knows your dog's name can change your password. Secret questions are a very good idea, just make sure the question is something that only you know, and no-one else can find out.
\"Why is the bomb always gettin\' the last word?\" - Will Smith - Lost & Found (2005)
June 21st, 2002, 10:24 PM
Good point to consider, thanks for the info.
There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.
(Merovingian - Matrix Reloaded)
June 21st, 2002, 10:27 PM
And just like the thing in almost all online accounts.
June 21st, 2002, 10:31 PM
This is very clever, thanks for pointing this out.
June 21st, 2002, 10:37 PM
BTW, I think it would be more nice if you hide the e-mail address in ICQ. cause many spammers may steal it and you will ged headache when you open your mailbox.
June 21st, 2002, 10:50 PM
Not to mention all the *other*[[http://insecure.org/sploits.html] exploits, hacks and holes in it.
\"Software is like sex- it\'s better when it\'s free.\"
July 1st, 2002, 08:24 AM
Also, dont just abandon email accounts. Just because you remove the account as your primary account, or even delete it completely from your profile, dosent mean its a dead account. ICQ has a little known (or at least it seems like it) feature, allowing a sort of backwards-compatible password retrieval system. You can send your password to any account that has ever been listed as your primay account, so if for some reason you switch primary emails, make sure to close down that accout, lest some annoying lamer come alone and hijack your icq.
You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0