SI
SI
discoversearch

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor.  We ask that you disable ad blocking while on Silicon Investor in the best interests of our community.  If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

   Technology Stocksjuno.com (JWEB)----IPO


Previous 10 Next 10 
To: rdmsqito who wrote (225)8/30/1999 9:55:00 PM
From: Proud_Infidel
   of 510
 
Status of Hotmail privacy unclear


August 30, 1999
Web posted at: 7:02 p.m. EDT (2302 GMT)

By Robin Lloyd
CNN Interactive Senior Writer

(CNN) -- Microsoft's Web-based e-mail service, and possibly the entire concept of free Internet mail, suffered a damaging blow to its integrity Monday when a security breach came to light that made it so anyone's Hotmail messages could be read.

"I have a Hotmail account," said Adam Bruce, an Atlanta computer specialist who monitors user groups frequented by hackers. "This scares the heck out of me. Now anybody and their brother can read my mail."

Web-based e-mail has been a hot item for even Internet novices since it became popular in the past few years. It is free and can be used on any computer with a phone or cable line to the Internet. Hotmail's primary competitor has been Yahoo! Mail.

The breach that surfaced Monday initially worked via several Web addresses, which simply prompted for a Hotmail username -- no password was needed. Once a username was entered, the Hotmail account appeared and the mailbox was available.

Microsoft shut those Web sites down, but hackers posted other Web addresses later in the day that gave entry to accounts. A game of cat-and-mouse ensued, with Microsoft claiming to have won by shutting down all back doors and manually checking all its servers for unauthorized access.

David Wagner, a computer security researcher at UC Berkeley, called the incident "really embarrassing" for Hotmail and Microsoft.

"I've always said don't use Hotmail for anything that is at all personal because we have no idea if they have any commitment to security," he said. "Now I'd say we know they have no commitment to security."

Wagner's advice is simple: "Don't use Hotmail for any e-mail you would be embarrassed to see as a headline."

By the day's end, Microsoft vowed that the incident would not recur.

"With this update we made changes that would prevent this from happening again," said Deanna Sanford, lead product manager for Hotmail.

"There are always going to be hackers out there and you can't make guarantees but we do our best that people feel safe and secure using our products."

Hotmail boasts 40 million customers. Yahoo! refused to give out its client numbers, but claimed it was not subject to the same breach that hit Hotmail.

Microsoft took at least several hours to respond

The exact cause of the Hotmail breach remained unclear Monday, but it endured at least for several hours after Microsoft learned about it.


Bracing for Cyberwar

Hacking Primer

Hacking: Two Views

Timeline

Gallery

Discussion

TIME: Counterhacking 101

Related Sites




The company learned of the breach in the early hours Monday, Pacific Daylight Time, Sanford said, via a report that originated in the Monday edition the Swedish newspaper Expressen.

The breaches via initial Web sites allowed CNN Interactive to open all accounts it tested through 11 a.m. EDT. But e-mail messages couldn't always be opened. Hotmail was down for nearly two hours Monday morning to respond to the initial situation.

By mid-day, most of the URLs or Web addresses that gave entry to Hotmail redirected users to a Microsoft security screen, returned an error message or returned "Forbidden" messages.

The sites had been situated all over the world but all used the same Hotmail gateway program.

Later another URL gave access to accounts for about an hour in the afternoon. Hotmail remained active but Microsoft shut down that hole within minutes of receiving the address.

In all cases, the breach allowed users to read and forward a member's old messages, read new messages and send e-mail in some cases under the name of the user -- assuming the member's identity.

Hotmail reportedly has had trouble with security breaches in the past -- including one that allowed hackers to swipe passwords.

All Hotmail users will receive e-mail from the service notifying them of the situation, Microsoft's Sanford said, and telling them that the trouble is over.

Bug or hack

Internet security experts put the blame at the feet of Microsoft, although the breach involved the work of hackers.

The trouble with Web-based e-mail like Hotmail is users must trust a large company to store their private messages, Wagner said.

"It's a tempting site for hackers to hack. If they have one bug, if affects lots of people," Wagner said.

Richard Smith, a computer security specialist, said the fault for the security lapse may lay with Microsoft.

"It looks like a bug at the Hotmail servers," said Smith, president of Phar Lap Software Inc. in Cambridge, Massachusetts. "They are logging in through some sort of back door."

Bruce said the error came in Hotmail's failure to check for authentication if a direct Web address with a Hotmail username were sent into its servers.

At mid-day, a Microsoft statement indicated that hackers had gained access to its Hotmail servers to create the breach. But that was not the case, Bruce said.

"People have noticed a security breach and know the correct URL to tell the server," Bruce said. "The fault seems to lie in the Microsoft programmers that wrote the code for Hotmail," he said.

Wagner said one of the Web sites gave access to test servers for Hotmail that lacked firewalls. Sanford said that was one possible route to the accounts but servers were updated to prevent future unauthorized access.

As ever, Internet privacy issue is muddy

Ari Schwartz, a policy analyst with the Center for Democracy and Technology, said the security hole in Hotmail was troublesome because Web-based e-mail is a good privacy solution for people sending personal e-mail at work. But no e-mail is totally secure, he said.

"There is a question of how secure you can make any e-mail system," Schwartz said, "especially if people are trying to hack it all the time."

At this point, there is no legal precedent to protect e-mail users from privacy violations, said David Sobel of the Electronic Privacy Information Center.

"It's not clear that a Hotmail user whose privacy has been compromised really has any recourse against Microsoft for what might be found to be negligent engineering of this feature," Sobel said.

cnn.com

Share RecommendKeepReplyMark as Last Read


To: Manx who wrote ()11/9/1999 3:14:00 AM
From: ruey220
   of 510
 
I'm surprised that this board is dead. JWEB is undervalued
I expect it to be 1/4 the goodness of AOL. Same Business
model, they are following AOL path, however, they are
going DSL meaning they are trying to beat AOL marketing
strategy.

Share RecommendKeepReplyMark as Last Read


To: rdmsqito who wrote (217)12/20/1999 1:28:00 AM
From: 2MAR$
   of 510
 
Juno offers $9.95/mth Web access or free with ads


NEW YORK, Dec 20 (Reuters) - Juno Online Services Inc.
<JWEB.O> on Monday said it will broaden its Internet access
offerings to include free ad-supported and lower-cost monthly
services in the latest move to put pressure on premium-priced
services such as market leader America Online Inc. <AOL.N>.
The company, which started out as a free e-mail provider
and now counts roughly 2.5 million active e-mail users, also
said it planned to cut the cost of its full monthly access
offer to $9.95 from the going industry rate of $19.95 a month.
In addition, Juno said it would introduce a high-speed
Internet access service known as Juno Express in early 2000
with details on pricing and potential partners to follow. In
October, it announced a deal with minority owner News Corp
<NWS.N> to supply programming to the upcoming high-speed
service.
The three additional Internet access offerings will come in
addition to its standard offer of free e-mail access, supported
by advertising. The $9.95-per-month offer includes 150 hours of
access in exchange for viewing a limited number of ads.
The New York-based company counted 400,000 billable
subscribers to its Internet access services at the end of
September, the most recent period for which figures are
available and up from 270,000 at the end of June.
The company has signed up 7.6 million subscriber accounts
of which 2.9 million were active in the third quarter.
Juno positions itself as a mainstream provider of Internet
services, competing with the likes of far larger AOL, Earthlink
<ELNK.O>/Mindspring <MSPG.O> and Microsoft Corp's <MSFT.O> MSN
in an effort to attract millions of newcomers online.
Other U.S.-based free Internet access providers include
ad-supported NetZero <NZRO.O> and online-shopping supported
WorldSpy Corp of White Plains, N.Y. NetZero claimed 1 million
users of its free Internet access service in September.
America Online competes in the budget-priced Internet
access category with its CompuServe brand and recently has
struck a range of deals with PC makers and retailers that offer
variations of either subsidised PCs or low-priced Web access.
Shares of Juno closed off of a point on Friday at
16-3/8, little changed from its initial public offering price
of 13 in May.
((-- Eric Auchard, New York newsdesk, 212-859-1840))
REUTERS
*** end of story ***

Share RecommendKeepReplyMark as Last ReadRead Replies (1)


To: 2MAR$ who wrote (228)12/20/1999 8:32:00 AM
From: Glenn Petersen
   of 510
 
As predicted by Steve Harmon in mid-July:

Message 10527767

"I expect Juno to turn the switch on for free Internet access also since it's not difficult for Juno to do."

Share RecommendKeepReplyMark as Last ReadRead Replies (1)


To: Glenn Petersen who wrote (229)12/20/1999 4:54:00 PM
From: 2MAR$
   of 510
 
man this stock is jumping after hours, haha! $39

Share RecommendKeepReplyMark as Last ReadRead Replies (2)


To: 2MAR$ who wrote (230)12/20/1999 5:14:00 PM
From: Walcalla
   of 510
 
Juno Online Services Reiterated `Buy' at PaineWebber


Princeton, New Jersey, Dec. 20 (Bloomberg Data) -- Juno Online Services
Inc. (JWEB US) was reiterated ``buy' by analyst James Preissler at
PaineWebber Inc. The 12-month target price is $120.00 per share.
NYSE/AMEX delayed 20 min. NASDAQ delayed 15 min.

Share RecommendKeepReplyMark as Last ReadRead Replies (1)


To: Walcalla who wrote (231)12/20/1999 5:41:00 PM
From: Americo Burgos III
   of 510
 
JWEB is definitely on fire. Yee-haw and Merry Christmas! ROTFL!

Share RecommendKeepReplyMark as Last ReadRead Replies (2)


To: Americo Burgos III who wrote (232)12/20/1999 6:00:00 PM
From: Rajiv
   of 510
 
Fills for an order to sell 2000 shares - 330, 200, 370,
100, 5, 50, 100, 300, 100, 200, 30, 115, 25 and 75

We are talking serious money here..

Regards,
Rajiv

Share RecommendKeepReplyMark as Last ReadRead Replies (3)


To: Americo Burgos III who wrote (232)12/20/1999 6:03:00 PM
From: Lucky888
   of 510
 
JWEB --

Opened 10% short here @ 40 1/4.

L.

Share RecommendKeepReplyMark as Last ReadRead Replies (1)


To: Rajiv who wrote (233)12/20/1999 6:03:00 PM
From: Americo Burgos III
   of 510
 
Take a look and do your DD on ESHR! That sucker is also gonna hit hard in my opinion.

Share RecommendKeepReplyMark as Last Read
Previous 10 Next 10