i wanna know about the security of hotmail and all those password.
someone please tell me about it
Printable View
i wanna know about the security of hotmail and all those password.
someone please tell me about it
The "security" that exists for Hotmail email, AFAIK, is simple SSL2-session encryption. That said, it's fairly easy to take apart using something like Cain'n'Able or Ettercap.Quote:
i wanna know about the security of hotmail and all those password.
There is NO encryption on MSN Messenger (unless you use something like SimpLITE and your contacts use it as well -- I recommend that personally) and there is NO encryption for email.
So I wouldn't use Hotmail for those ultra-super-duper military secrets but for general, non-critical stuff it does "peachy kean". :D
Interesting post, MsMittens! Thanks! Does Microsoft list that information at the Hotmail site, or did you learn it somewhere else?
- Xierox
EDIT: My bad, I was able to find it. http://privacy1.msn.com/fullnotice.armx#PERSONAL Under the "Security of Personal Information" section.
And make sure you're cognisant of the ultimate issue. That SSL-2 session is used only to send credentials to the Hotmail authentication service. How it's stored locally on your system is probably quite vulnerable, with physical access (but then, what isn't, really?) For an eye opener, consider all these other IM clients; OmniPod, GAIM, Jabber, Trillian. How do THEY store your MSN Messenger credentials?
/me cackles in an evil tone as all the S.A.s look forward to another sleepless night.
I can't sniff a good request from a bad one, especially from the english.Quote:
Originally posted here by noob_saib0t
i wanna know about the security of hotmail and all those password.
No doubt! :pQuote:
Zencoder cackles in an evil tone as all the S.A.s look forward to another sleepless night.
Yup...I'm sure you notice the tone of MsM (and mebbe myself) are 'helpful yet-disinformative'. It's not an outright STFW or RTFM answer, but it certainly provides valid info while not at all answering the core of the question.
;)
In that case just let dead threads lay out to dry and stop greening this dumb fother muck.Quote:
Yup...I'm sure you notice the tone of MsM (and mebbe myself) are 'helpful yet-disinformative'. It's not an outright STFW or RTFM answer, but it certainly provides valid info while not at all answering the core of the question.
Don't know exactly where I got it. I think it was one of those things I've picked up over time. One thing to watch for is the HTTPS and the lock at the bottom. If you log into hotmail you'll see it appear and then disappear. Fire up a sniffer before you do and you should see the SSL session happening. This link seems to have a nice walkthrough on SSL in general.Quote:
Does Microsoft list that information at the Hotmail site, or did you learn it somewhere else?