[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: firstname.lastname@example.org
- Subject: <nettime> hotmail-hack
- From: Heiko Recktenwald <email@example.com>
- Date: Tue, 31 Aug 1999 00:45:27 +0200
- Comment: This message comes from the debate mailing list.
- Sender: firstname.lastname@example.org
>Hi this is a short summary of Hotmail Hack
>9.23 am EDT the message is posted at www.slashdot.org, the origin is
>14.43 CET I became knowlegde of it by a german-speaking mailinglist. On
>http://www.2038.com/hotmail/ You could enter any username into a form and
>get accsses to anybodies hotmail data without password. All functions were
>abled. It was not possible (to the public) to change the password without
>knowing the old password.
>16.00 CET the url www.2038.com/hotmail/ contains the message "microsoft
>rules", the form doens't work anymore. http://www.2038.com is located in
>into the browsers location-field You could still use the bug to see inside
>the mailboxes. Instead of ENTERLOGINHERE You had to type the username.
>18.00 CET Uhr Hotmail ist down
>18.30 CET www.2038.com/hotmail/ points to
>18.50 CET Hotmail is online again, the cgi that allowed to break in, is
>Hotmail has 40 million subscribers, it is running on Net-BSD, because the
>stuff wasn't able to port the system to Win NT, after Micro$oft bought
>Hotmail. There are rumours that say, the hack was possible through a hack
>of Microsofts Passport-System (http://www.passport.com) that should be
>implemented into Hotmail.
>It is not possible to delete a hotmail-account yourself. It will be
>deleted automaticly after 90 days of not using/ accesing it.
>CNN says that the Swedish Newspaper Expressen (http://expressen.se) has
>first published the Story http://expressen.se/article.asp?id=22383 today.
>Expressen says that they got the information anonymous.
>The now appearing question is, how will be the PR-strategies of
>Microsoft/Hotmail and will there be a reaction on stockmarkets?