  |
Microsoft Passport to Trouble - http://www.znep.com/~marcs/passport/
Describes a security hole by which a hacker can gain access to a user's Passport shopping profile by stealing their Hotmail cookie. |
| |
Wired: Stealing MS Passport's Wallet - http://www.wired.com/science/discoveries/news/2001/11/48105
To correct serious security flaws, Microsoft on Friday disabled the virtual wallet function of its Passport service and has begun notifying partners about the vulnerabilities, the company has confirmed. By Brian McWilliams. |
| |
Wired: Hotmail Hackers: 'We Did It' - http://www.wired.com/science/discoveries/news/1999/08/21503
A previously unknown group known as Hackers Unite has claimed responsibility for publicizing Hotmail's security breach, which Microsoft vehemently denied was the result of a backdoor oversight. By James Glave. |
| |
Slashdot: Hotmail Cracked Badly - http://slashdot.org/articles/99/08/30/1324206.shtml
Brief description of issue. |
| |
HotMail JavaScript-in-Attachment Attack - http://www.peacefire.org/security/hmattach/
Explanation of JavaScript in HTML attachments security hole, since fixed. |
| |
Register: MS Passport cracked with Hotmail - http://www.theregister.co.uk/2001/11/05/ms_passport_cracked_with_hotmail/
Passport authenticates a user for access to his credit cards and Web site accounts and passwords, to make life easy for on-line merchants and shoppers, and hackers and identity thieves. By Thomas C. Greene. |
| |
Register: Hacking Hotmail Made Easy - http://www.theregister.co.uk/2001/08/20/hacking_hotmail_made_easy/
Some bright empiricist from Root-Core has discovered that anyone can log into their Hotmail account and then call messages from any other Hotmail account by crafting a URL with the second account's username and a valid message number. By Thomas C Greene. |
| |
CNET News.com: Hotmail plugs security hole - http://news.cnet.com/2100-1001-214946.html
Microsoft's Hotmail today claimed victory over the security holes that have put the free email firm on the hot seat this week. |
| |
CNET News.com: Hotmail bug fix not a cure-all - http://news.cnet.com/2100-1023-214829.html
Microsoft's free Web-based email service Hotmail last night implemented a partial fix for a JavaScript security problem. |
| |
BBC: Hotmail Hole Exposes E-mails - http://news.bbc.co.uk/1/hi/sci/tech/1500703.stm
Details of how to read other people's messages have been posted on a website run by a group called Root Core and it has quickly spread to other sites and newsgroups. |
| |
Wired: Hotmail Accounts Exposed to All - http://www.wired.com/techbiz/media/news/1999/08/21490
No sooner was one catastrophic security flaw closed Monday -- one that exposed millions of Hotmail accounts to prying eyes -- when another one appeared. By Declan McCullagh and Ja. |
| |
Slashdot: Update: MS Says Hotmail "Security Issue" Resolved - http://slashdot.org/articles/99/08/31/149245.shtml
News and discussion. |
| |
Wired: Hotmail Has a Hole - and a Fix - http://www.wired.com/science/discoveries/news/1998/02/10466
A Danish government official has reported a security hole that could allow unauthorized access to private accounts on Hotmail, the free Web email service. The company confirmed the hole exists and said Friday it would patch it within a day. By Michael Stutz. |
| |
Wired: Hotel Hotmail - http://www.wired.com/techbiz/media/news/1999/03/18617
As outages and service problems continue to plague Microsoft's free email service Hotmail, users who try to cancel their accounts may be in for a surprise: They can't. By Polly Sprenger. |
| |
Wired: Microsoft Rights Hotmail - http://www.wired.com/science/discoveries/news/1998/08/14701
Microsoft has fixed a serious vulnerability in its Hotmail email program that tricks users into sending their usernames and passwords to an outside email address. By Michael Stutz. |
| |
Wired: Did MS Dig Its Hotmail Hole? - http://www.wired.com/science/discoveries/news/1999/08/21495
The Hotmail security hole may have been an intentional backdoor that Microsoft built into its system for maintenance purposes, security experts said. By James Glave. |
| |
Wired: Hotmail Open to Script Attacks - http://www.wired.com/science/discoveries/news/1998/08/14617
Tom Cervenka, a Web programmer at Canadian Specialty Installations, spent last week working on some clever coding to send to his Hotmail account. It tells users account access has been timed out and that they need to re-enter their account and password information. By Michael Stutz. |
| |
CNET News.com: New security glitch for Hotmail - http://news.cnet.com/2100-1001-215046.html
Security-minded programmers are finding holes in Microsoft's Hotmail faster than the free Web-based email service can plug them. |
| |
ZDNet: Huge Hotmail security flaw reported - http://news.zdnet.com/2100-9595_22-515561.html
In potentially one of the largest security e-mail breaches ever, a Web site may have allowed people access to millions of private Hotmail accounts. |
 |
Wired: Hotmail Bug, Still an Open Book? - http://www.wired.com/science/discoveries/news/1998/09/15112
Security updates made last month to Microsoft's free email service, Hotmail, may have failed to fix the problem. Not only that, but privacy watchdogs fear that the fix might actually help the company analyze their users' Web browsing habits. By Michael Stutz. |