funsec mailing list archives

Re: Tweet This: I Don't Care

From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 18 Mar 2009 22:18:05 -0400

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

der Mouse wrote:
<SNIP!>

Over the last week or so, Google (in the form of Google Groups) has
started spamming me.  I got subscribed to some Google Groups list
without even so much as seeing anything I recognized as a subscription
confirmation.

<SNIP!>

I have been seeing this behavior for will over a year now, maybe even
two or more. Yahoo Groups is even worse than Google Groups.

I have seen a couple of different variations of the problem.
  1) Some moron subscribes a mailing list (Security Focus' lists seem to
be an especial problem) to the group. Then, when you post to the mail
list, you either get a bounce (saying you are not authorized to post to
the group), or you get automatically subscribed to the group.
  2) Some malware propagator sets up a group that apparently does not
require you to confirm. It is an apparent social engineering attack to
try to get you to visit the group so they can drop malware on your box
during the visit. I have seen at least a dozen of these from both Yahoo
and Google in recent months.

My $0.02 worth! [US$, not CA$ ;-) !]

Jon
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAknBq10ACgkQUVxQRc85QlNxLgCdFsW3dlwlzNekMoytIc4YEMcX
Vg0AoIjE94LB4/90UkVogZPFzr/kR1W/
=yQSA
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: Tweet This: I Don't Care, (continued)
- - - Re: Tweet This: I Don't Care Paul M. Moriarty (Mar 19)
    - Re: Tweet This: I Don't Care Valdis . Kletnieks (Mar 19)
    - Re: Tweet This: I Don't Care Paul M. Moriarty (Mar 19)
    - Re: Tweet This: I Don't Care Valdis . Kletnieks (Mar 19)
    - Re: Tweet This: I Don't Care Gadi Evron (Mar 19)
    - Re: Tweet This: I Don't Care Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 17)
    - Re: Tweet This: I Don't Care David Harley (Mar 18)
    - Re: Tweet This: I Don't Care Nick FitzGerald (Mar 16)
    - Re: Tweet This: I Don't Care Rich Kulawiec (Mar 18)
    - Re: Tweet This: I Don't Care der Mouse (Mar 18)
    - Re: Tweet This: I Don't Care Jon Kibler (Mar 18)
    - Re: Tweet This: I Don't Care der Mouse (Mar 18)
    - Re: Tweet This: I Don't Care Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 16)
    - Re: Tweet This: I Don't Care Paul Ferguson (Mar 15)
    - Re: Tweet This: I Don't Care Gadi Evron (Mar 15)
    - Re: Tweet This: I Don't Care Valdis . Kletnieks (Mar 16)
    - Re: Tweet This: I Don't Care Paul M. Moriarty (Mar 16)
    - Re: Tweet This: I Don't Care Chris Boyd (Mar 16)
    - Re: Tweet This: I Don't Care Gadi Evron (Mar 16)
    - Re: Tweet This: I Don't Care David Harley (Mar 16)
    - Re: Tweet This: I Don't Care der Mouse (Mar 16)

(Thread continues...)