tinyjo: (Default)
Emptied of expectation. Relax. ([personal profile] tinyjo) wrote2002-04-09 10:36 am
  • Add Memory
  • Share This Entry
  • Current Mood: thoughtful

Security holes

Hmmm. Once again with the moral dilemma. We are not supposed to be able to check web mail from work. Because I've got my account from a nice obscure hosting company I can check mine. That’s not a problem (or at least I'm not concerned about it). But I have now discovered that there is a way into Yahoo mail from here. And (this is the worrying bit) it's not all that obscure. So, the question is, do I tell IT security?

I guess what this actually does is point up my elitism. I wouldn't consider giving them the heads up on my hosting company's web mail because the chances are pretty high that I'm the only one here who's using it and I know that I can be trusted not to run stupid attachments on my PC. And, at the very least the only people who are using it are likely to be similarly techy. But loads of plebs use Yahoo - do I trust them not to fuck our network up by running VB attachments? That's certainly the justification they give for blocking these sites in the first place - a vector for viruses. I seem to assume that most people just won't have enough tech common sense. Sadly, as last years infection of the bank with Code Red shows, I'm probably right.
Flat | Top-Level Comments Only

[identity profile] zoo-music-girl.livejournal.com 2002-04-09 02:50 am (UTC)(link)
I was able to access UKOnline webmail three times before they spotted it and shut it down, the same might happen with Yahoo...

I can see your point, the rules are there for the idiots really, aren't they? :)

[identity profile] tinyjo.livejournal.com 2002-04-09 02:58 am (UTC)(link)
I can see your point, the rules are there for the idiots really, aren't they? :)

Yeah. I just feel faintly guilty when I think it :(

Sounds like I'm lucky they haven't spotted my webmail - I log into it most days. Heres hoping they don't... Wouldn't it be ironic if they spotted that and not yahoo!
ext_36163: (cleanskies)

if there's a hoop to jump through

[identity profile] cleanskies.livejournal.com 2002-04-09 04:02 am (UTC)(link)
It's too obscure for the fools. Let it lie.
jinty: (Default)

doesn't yahoo scan?

[personal profile] jinty 2002-04-09 06:00 am (UTC)(link)
I thought Yahoo! busily tells you it's scanning all and any attachments -- do things still get through at a rate of knots?

We aren't blocked from any webmail, as far as I know -- certainly I'm not blocked from my Yahoo! mail, and nor are others blocked from Hotmail here.

Re: doesn't yahoo scan?

[identity profile] tinyjo.livejournal.com 2002-04-09 06:25 am (UTC)(link)
I don't know actually. And I suspect that their main reason is actually so we aren't all sitting around reading our personal mail in work time - any security considerations are actually probably only the excuse.
Flat | Top-Level Comments Only