What POP3-hack is this?


Via IDG.se

What kind of POP3-hack is this a matter about, and is InterWorx vulnerable?


Look at it this way, no server is secure. None. Ziltch. The web is an enemy! The best you can do is try to protect it and make it less of a target… It’s the same as cars, all can be broken into - but one with an alarm is less of a target.

Always update your server with recent versions and you should be fine.

That could be said about anything, but I appreciate your concern.

According to what I’ve read (especially on the swedish side of the web) the person that discovered this security hole got access to the information through a man in the middle approach. I’m not sure how that would explain anything, but that’s at least one piece of the puzzle.

It would be interesting to see which platform this is regarding, and the methodology used.

Man in the middle attacks are difficult to prevent. It’s an issue that DNS is suffering, such as DNS poisoning.

It is clear now what it was, just as many has been speculating about on various forums it was Dan who used Tor to listen in on all traffic that went through a Tor-node that he set up for this purpose. (according to http://www.idg.se/2.1085/1.119956 )

One can ask why various Fortune 500 business / governments etc are using Tor and in an un-encrypted mode to add to that.