* Posts by Michael Argast

2 publicly visible posts • joined 23 Sep 2009

Malware house offered bounty for infected Macs

Michael Argast

For those of you who want to read the original article...

For some reason The Register didn't link to it. The whole paper on Partnerka is actually quite interesting, and a quick read.

http://www.sophos.com/blogs/duck/g/2009/09/24/money-online/

Michael Argast, Security Analyst, Sophos

Demon splurges details of 3,600 customers in billing email

Michael Argast
Thumb Up

This is a good reason to not re-use passwords...

This sort of occurrence is way to common, unfortunately. Hopefully, in this case, Demon was simply sending out passwords they had generated, rather than passwords previously used by customers, because, as well all know, password re-use is horribly high.

You can see how this sort of thing would happen by a mail merge sort of activity, but it is also unfortunate that Demon isn't using technology that would have detected just this sort of accidental leakage and prevented it from occurring. Further to a previous poster's point, there are also great encryption solutions available that would allow them to send this information out without resorting to plain text emails.

Michael Argast, Security Analyst, Sophos