Author Topic: Inmates running the asylum  (Read 616 times)

0 Members and 1 Guest are viewing this topic.

Offline Rapunzel

  • Hero Member
  • ****
  • Posts: 71,719
Inmates running the asylum
« on: March 07, 2014, 11:28:13 PM »

Offline Oceander

  • Technical
  • Hero Member
  • ****
  • Posts: 47,422
  • Chief Dork
Re: Inmates running the asylum
« Reply #1 on: March 07, 2014, 11:34:44 PM »

Offline Rapunzel

  • Hero Member
  • ****
  • Posts: 71,719
Re: Inmates running the asylum
« Reply #2 on: March 07, 2014, 11:38:40 PM »
it is truly amazing how often people are careless with email.  it's treated like some sort of a phone call rather than as a written record of what was said.

Emails and text messages, too...

One bad thing about emails is people can cut and paste and make them look like something they never were.

Another interesting thing - re emails... last week on our Phoenix news they had a segment about a company that fired a woman for non-performance.  She turned around and sued the company stating one of their rather new male employees had sent her emails making sexual remarks, etc...   anyway, the guy was new and a small company, but the owner didn't think it added up so he hired a forensic computer specialist to investigate and in the end it turned out she had sent the emails to herself. She had somehow gained his passwords and used his email account, but from her IP.

Offline Oceander

  • Technical
  • Hero Member
  • ****
  • Posts: 47,422
  • Chief Dork
Re: Inmates running the asylum
« Reply #3 on: March 07, 2014, 11:46:56 PM »
Emails and text messages, too...

One bad thing about emails is people can cut and paste and make them look like something they never were.

Another interesting thing - re emails... last week on our Phoenix news they had a segment about a company that fired a woman for non-performance.  She turned around and sued the company stating one of their rather new male employees had sent her emails making sexual remarks, etc...   anyway, the guy was new and a small company, but the owner didn't think it added up so he hired a forensic computer specialist to investigate and in the end it turned out she had sent the emails to herself. She had somehow gained his passwords and used his email account, but from her IP.

That could cost her a lot more than just a lawsuit.  Using someone else's login credentials without their permission falls under the criminal unauthorized access statutes of many states, so she could easily be prosecuted for that.

One thing that can help detect a fraudulently altered email is keeping track of an email chain - the original email plus all of the replies back and forth - as well as making sure that your email client always retains a copy of whatever you sent out.  It's a lot harder to fraudulently alter an email that's already been sent out because the header information in the email - which is not normally visible (MS Outlook won't even let you see it at all) - generally cannot be similarly altered.

Offline Rapunzel

  • Hero Member
  • ****
  • Posts: 71,719
Re: Inmates running the asylum
« Reply #4 on: March 07, 2014, 11:51:53 PM »
That could cost her a lot more than just a lawsuit.  Using someone else's login credentials without their permission falls under the criminal unauthorized access statutes of many states, so she could easily be prosecuted for that.

One thing that can help detect a fraudulently altered email is keeping track of an email chain - the original email plus all of the replies back and forth - as well as making sure that your email client always retains a copy of whatever you sent out.  It's a lot harder to fraudulently alter an email that's already been sent out because the header information in the email - which is not normally visible (MS Outlook won't even let you see it at all) - generally cannot be similarly altered.

They didn't say on the news report, but I suspect the owner of the company was not going to let it just lie there. Really luck for the man who was wrongly accused his relatively new employer didn't just do something knee-jerk like firing him. They gave the usual disclaimer about not sharing passwords, etc..   Most of the sensitive sites I have to use for my work requires me to change the passwords monthly and they can't be repeated for at least a year. I go nuts keeping track of what I'm using where.

Offline Oceander

  • Technical
  • Hero Member
  • ****
  • Posts: 47,422
  • Chief Dork
Re: Inmates running the asylum
« Reply #5 on: March 07, 2014, 11:59:48 PM »
They didn't say on the news report, but I suspect the owner of the company was not going to let it just lie there. Really luck for the man who was wrongly accused his relatively new employer didn't just do something knee-jerk like firing him. They gave the usual disclaimer about not sharing passwords, etc..   Most of the sensitive sites I have to use for my work requires me to change the passwords monthly and they can't be repeated for at least a year. I go nuts keeping track of what I'm using where.

I go nuts just trying to keep track of the ones that don't need to be changed so often!

Offline Rapunzel

  • Hero Member
  • ****
  • Posts: 71,719
Re: Inmates running the asylum
« Reply #6 on: March 08, 2014, 12:10:53 AM »
I go nuts just trying to keep track of the ones that don't need to be changed so often!

If I don't change them then they lock you out so anymore on the 20th of the month I change them to be safe.


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf