Re: Problem with Postfix and mail.bezeqint.net with a home Mandriva System
(sorry for top posting, limitation of gmail for mobile) Frankly, how do you expect hackers to sniff your password on the wire between you and the server? (maybe on shared cable segment?) I'm not saying that I'd feel comfortable sending password in the clear, but what REALLY are the practical risks? Cheers, Amos (connected to gmail over ssl :) On 9/12/08, Oron Peled <[EMAIL PROTECTED]> wrote: > On Thursday, 11 בSeptember 2008, Noam Rathaus wrote: >> The credentials for the SMTP were the same as that for the POP3 account >> they >> used, and of course the same ones for the ADSL login (without the @Bezint >> thingy). > > That's very wise especially without any SSL/TLS support ;-) > > * I had a discussion with them about it a few months ago. > * I would be more than happy to know they bothered doing something >about it. > * One of their support people even "explained" to me how using >ftp for uploading my home page is a security feature because >the password is hidden in the protocol (it wasn't April 1st). > > [not that the other existing ISP's are better] > > Cheers, > > -- > Oron Peled Voice/Fax: +972-4-8228492 > [EMAIL PROTECTED] http://www.actcom.co.il/~oron > "UNIX was not designed to stop you from doing stupid things, because > that would also stop you from doing clever things." > --Doug Gwyn > > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > -- Sent from Google Mail for mobile | mobile.google.com
Re: New "Welcome to Linux" Series
Hi. On Thursday 11 September 2008, Constantine Shulyupin wrote: > Hi, > > I would like to tell about GNU/Linux structure and how to find a route > in wild world of Linux & FOSS > using the Map of GNU/Linux OS and FOSS: http://www.makelinux.net/system/ Such a presentation would be desirable either before the Welcome-to-Linux presentations or after them. During the W2L session, we already have a list of pre-scheduled presentations: http://www.hackers.org.il/mediawiki/index.php/W2L-2008#Schedule_for_Telux Regards, Shlomi Fish - Shlomi Fish http://www.shlomifish.org/ Best Introductory Programming Language - http://xrl.us/bjn84 Shlomi, so what are you working on? Working on a new wiki about unit testing fortunes in freecell? -- Ran Eilam = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: New "Welcome to Linux" Series
I will be happy to hear such a talk. I think it should be in the normal talk schedule and not part of the "Welcome to Linux" -- Ori Idan On Thu, Sep 11, 2008 at 10:28 PM, Constantine Shulyupin < [EMAIL PROTECTED]> wrote: > Hi, > > I would like to tell about GNU/Linux structure and how to find a route > in wild world of Linux & FOSS > using the Map of GNU/Linux OS and FOSS: http://www.makelinux.net/system/ > > -- > Constantine Shulyupin > Freelance Embedded Linux Engineer > 054-4234440 > http://www.linuxdriver.co.il/ > > = > To unsubscribe, send mail to [EMAIL PROTECTED] with > the word "unsubscribe" in the message body, e.g., run the command > echo unsubscribe | mail [EMAIL PROTECTED] > > -- ספרים וסיפורים שכתבתי: http://www.thestories.org
Re: Problem with Postfix and mail.bezeqint.net with a home Mandriva System
On Friday, 12 בSeptember 2008, Amos Shapira wrote: > Frankly, how do you expect hackers to sniff your password on the wire > between you and the server? > (maybe on shared cable segment?) > I'm not saying that I'd feel comfortable sending password in the > clear, but what REALLY are the practical risks? * You assume I needed it from home. * The issue actually came up when I prepared for connecting to my mailbox remotely (from Mexico City -- do you want to count the number of networks from there to bezeqint?) * The link from their main page to their webmail service points to an http connection... (and hosted on a different domain, perfect for phishing people passwords). * After jumping through their support lines (which, btw, were accessible and polite) they found out that they *do* have https webmail service. There is just no link to it from their site. * I thanked them for that and adviced to fix the link so naive people won't be trapped by mistake -- just checked now -- the same... Under these conditions, do you think I'm talking about some theoretical minor risk? Or can we start betting on the number of stolen passwords from traveling salesmans/pointy-haired-bosses/etc? > On 9/12/08, Oron Peled <[EMAIL PROTECTED]> wrote: > > On Thursday, 11 בSeptember 2008, Noam Rathaus wrote: > >> The credentials for the SMTP were the same as that for the POP3 account > >> they > >> used, and of course the same ones for the ADSL login (without the @Bezint > >> thingy). > > > > That's very wise especially without any SSL/TLS support ;-) > > > > * I had a discussion with them about it a few months ago. > > * I would be more than happy to know they bothered doing something > >about it. > > * One of their support people even "explained" to me how using > >ftp for uploading my home page is a security feature because > >the password is hidden in the protocol (it wasn't April 1st). > > > > [not that the other existing ISP's are better] > > > > Cheers, > > > > -- > > Oron Peled Voice/Fax: +972-4-8228492 > > [EMAIL PROTECTED] http://www.actcom.co.il/~oron > > "UNIX was not designed to stop you from doing stupid things, because > > that would also stop you from doing clever things." > > --Doug Gwyn > > > > To unsubscribe, send mail to [EMAIL PROTECTED] with > > the word "unsubscribe" in the message body, e.g., run the command > > echo unsubscribe | mail [EMAIL PROTECTED] > > > > > > -- > Sent from Google Mail for mobile | mobile.google.com > -- Oron Peled Voice/Fax: +972-4-8228492 [EMAIL PROTECTED] http://www.actcom.co.il/~oron If it ain't unix I ain't touching it To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
