So around 1:13am or so last night I get an incoming text on my phone. Which is unusual. I check to see who it could be and the message only seems to contain some kind of spam link. I'm about to get angry about random SMS marketing when I realize that the spam message originated from my own Gmail account.
Crap.
I log into my Gmail, and sure enough I see a boatload of returned mail messages for emails that I sure as heck didn't send, almost all of them to people in my Contacts whose name begin with A. The Sent Mail folder confirms that my account has been sending out email for several minutes now, and as I check at the bottom of my inbox I see that there is another user logged in to the Gmail account. This is not suspicious in and of itself, as I may be accessing my email from one of several computers in the house, but the IP address sure as heck isn't anything local.
Clicking for details, I see that a mobile user in Russia is accessing the account. I immediately log the spammer out, change my password, and wonder if our home computers have been hacked. Looking at the event logs in our firewall, I don't see the same IP address anywhere, however, so I start trolling Twitter and the Google forums to see if this is currently happening to anyone else.
As it turns out, I do in fact find a thread about my recent Gmail woes. Apparently something like this has been going on with Gmail accounts for a few weeks now, although the activity clearly seems to have spiked over the past 24 hours or so. The Gmail employees monitoring the forums are as helpful as they can be given the unknown nature of the threat, but it's clear from a cursory glance at the other users posting that these aren't your typical phishing victims.
A possible theory advanced in the thread was that another web service was hacked and that the passwords stolen from that database were used to try to access various users' Gmail accounts, based on the assumption that even otherwise prudent and tech-savvy users may be lazy enough to use the same password across several different accounts. I am one of those prudent yet lazy folk, so this seems entirely possible to me- a theory which only seems to be further confirmed when I realize that one of my throwaway Gmail accounts was also hacked. Since I never even log in to this second account, the only plausible connection between it and my main account is that I used the same password for both (though I've since changed them, as well as other account passwords, to their own unique strong passwords).
So what does Google have to say about this? Nothing yet, officially, although people are beginning to talk about it beyond the Google forums and Twitter. Even if you haven't seen any suspicious activity on your own Gmail account, now might be a very good time to change your password, as another working theory is that whoever is compromising these accounts is doing so in small batches so as to avoid detection.
Regardless of whether or not this may be the case, you definitely want to change your passwords if you are using the same password across several different web services. Google's servers may be as hard as Fort Knox to crack, but your account is only as safe as the weakest database out there in the aether that you've entrusted your password to. I feel stupid for being lazy now, but I'm glad that the person who did hijack my Gmail accounts wasn't able to do any lasting damage before I locked them down.
(The other thing you should definitely do RIGHT NOW is go to your Gmail settings and choose "Always use HTTPS" option under Browser Connections if you haven't already!)
In the meantime, sorry if I winged you with an ad for viagra. If I'm going to pimp anything to my Contacts, it's going to be for my novel Confessions of Gourmand- the Kindle edition is only $0.99 on Amazon.com!
UPDATE: Another piece of the puzzle? The New York Times reports today that when Google was attacked back in January, presumably by Chinese hackers, the target of the intrusion attempt was Gaia, its password system for Gmail and other Google account services. Although Google claims that no passwords had been stolen at that time, it's getting harder and harder to believe the recent account hijackings being reported over the past 24 hours are just a coincidence.
Showing posts with label shameless commerce. Show all posts
Showing posts with label shameless commerce. Show all posts
Monday, April 19, 2010
Friday, August 25, 2006
Ceci n'est pas une planete
With apologies to Magritte...
That's right, I'm jumping on the Pluto bandwagon (and why not? For after all, Pluto was not only the Roman god of the underworld but the patron deity of wealth as well, hence the word plutocracy), with a stylish black t-shirt at CafePress.com:
Get 'em while supplies last...
Despite the fact that I am both a Classicist and a huge astronomy buff, I have to say the news of Pluto's recent demotion to the newly-created category of "dwarf planet" hasn't irked me nearly as much as it seems to have countless other souls. Pluto's always been something of an odd-ball, anyway, what with its elliptical orbit which actually made it the eighth planet from the Sun for several years unbeknownst to most of us and no doubt much to Neptune's eternal chagrin (to think, a gas giant overshadowed by a dirty little ice ball)!
The problem with keeping Pluto as a planet is that the recent discovery of myriad objects the same size or even larger would have necessitated a massive enlargement of the solar system. The objects known as Charon, Ceres, and "Xena" would have been only the tip of the iceberg so to speak, since astronomers continue to find ever more planet-like objects as our observational capabilities advance. Had the International Astronomical Union voted to keep Pluto, it would have been very difficult not to admit the several dozen of its peers which have now instead been labelled "dwarf planets".
If we are to find some way to continue to honor our former ninth planet, perhaps the best way would have been to adopt the term "pluton" to describe these ubiquitous smaller spheres of rock and ice hurtling through the outer reaches of the solar system. But alas, the proposal to do just that was axed when a bunch of angry geologists pointed out the fact that pluton already refers to a type of igneous rock.
Sorry, Pluto. Maybe the words of Richard Binzel, my astronomy professor at MIT, can offer some consolation (and some much-needed perspective) in this your hour of need:
The Pluto Portal: Do you think Pluto is a planet, if so why or why not?
Professor Binzel: Pluto is Pluto, no matter what label we put on it. What is important is to learn about and understand what Pluto is.
Well said! Now buy my t-shirt.
That's right, I'm jumping on the Pluto bandwagon (and why not? For after all, Pluto was not only the Roman god of the underworld but the patron deity of wealth as well, hence the word plutocracy), with a stylish black t-shirt at CafePress.com:
Get 'em while supplies last...
Despite the fact that I am both a Classicist and a huge astronomy buff, I have to say the news of Pluto's recent demotion to the newly-created category of "dwarf planet" hasn't irked me nearly as much as it seems to have countless other souls. Pluto's always been something of an odd-ball, anyway, what with its elliptical orbit which actually made it the eighth planet from the Sun for several years unbeknownst to most of us and no doubt much to Neptune's eternal chagrin (to think, a gas giant overshadowed by a dirty little ice ball)!
The problem with keeping Pluto as a planet is that the recent discovery of myriad objects the same size or even larger would have necessitated a massive enlargement of the solar system. The objects known as Charon, Ceres, and "Xena" would have been only the tip of the iceberg so to speak, since astronomers continue to find ever more planet-like objects as our observational capabilities advance. Had the International Astronomical Union voted to keep Pluto, it would have been very difficult not to admit the several dozen of its peers which have now instead been labelled "dwarf planets".
If we are to find some way to continue to honor our former ninth planet, perhaps the best way would have been to adopt the term "pluton" to describe these ubiquitous smaller spheres of rock and ice hurtling through the outer reaches of the solar system. But alas, the proposal to do just that was axed when a bunch of angry geologists pointed out the fact that pluton already refers to a type of igneous rock.
Sorry, Pluto. Maybe the words of Richard Binzel, my astronomy professor at MIT, can offer some consolation (and some much-needed perspective) in this your hour of need:
The Pluto Portal: Do you think Pluto is a planet, if so why or why not?
Professor Binzel: Pluto is Pluto, no matter what label we put on it. What is important is to learn about and understand what Pluto is.
Well said! Now buy my t-shirt.
Subscribe to:
Posts (Atom)