Friday, February 01, 2008

Man-In-The-Middle Attack - Mail Systems

What are the chances your webmail is affected by a man-in-the-middle attack?

Today I found some instructions for my webmail company's product that did not match the product I see when I log in.

I also found it odd when I signed up that certain features that were supposed to be in there were not and "their programmers" had to fix it.

Additionally, the SSL certificate isn't working (should it be? Are we getting to an imposter?) and we cannot send mail without errors to one of their domains, but they are telling us the messages are still encrypted - are they?

In the instructions I found online I went to the site that was supposed to be the admin site. I got a page not found. Then I typed in the IP - and the admin site showed up - but my admin password does not work on that site. It does work on their main web site however.

For another mail company I tried out, I called them up on the phone because the whole login thing did not make sense. When I was asking the guy on the phone where and how to log in, an option that he was seeing on his screen was simply not on my screen - and I talked to two different people that said the same thing, and the instructions did not match what I was seeing.

What are the chances that all these webmail systems out there that people are using every day to communicate are hacked? Gmail was hacked - people could log in and read Gmail messages of other people - so it could be happening to a lot of other mail companies with fewer resources.