Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Buying anything on Amazon? Please use the Geekzone Amazon aff link.


View this topic in a long page with up to 500 replies per page Create new topic
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
241 posts

Master Geek
+1 received by user: 28


  Reply # 977096 30-Jan-2014 09:53 One person supports this post Send private message

Quote from Telecoms status page, today

"Yahoo have advised us that they are experiencing an email security threat, which we have reason to believe may have compromised some Xtra email customers’ accounts."

So, have more a/c's been hacked or not ??
Is the current round of spam, from last years stolen contact lists, or a new issue ??
Do Telecom even know whats going on, are yahoo being honest & up front with the issue ??

BT moved all their customers off yahoo last year due to these issues, so it is possible . Are Telecom locked into Yahoo with a contract
or do Telecom simply not want to put the time & $$ into moving away from Yahoo email ?


7777 posts

Uber Geek
+1 received by user: 326

Trusted
Subscriber

  Reply # 977346 30-Jan-2014 13:14 Send private message

Zeon: Maybe they should just start publishing SPF records......


QFT

7777 posts

Uber Geek
+1 received by user: 326

Trusted
Subscriber

  Reply # 977350 30-Jan-2014 13:15 Send private message

richms: They could deploy some spf records so that the spoofing doesn't work. Not hard except that all their customers with incorrect smtp settings would find emails being blackholed.


So proper SPF records would fix two problems...

This kind of legacy "technical debt" need to be paid down at some point, now's good....

7473 posts

Uber Geek
+1 received by user: 418


  Reply # 977357 30-Jan-2014 13:21 Send private message

1101: Quote from Telecoms status page, today

"Yahoo have advised us that they are experiencing an email security threat, which we have reason to believe may have compromised some Xtra email customers’ accounts."

So, have more a/c's been hacked or not ??
Is the current round of spam, from last years stolen contact lists, or a new issue ??
Do Telecom even know whats going on, are yahoo being honest & up front with the issue ??

BT moved all their customers off yahoo last year due to these issues, so it is possible . Are Telecom locked into Yahoo with a contract
or do Telecom simply not want to put the time & $$ into moving away from Yahoo email ?



Who did BT move to? 

241 posts

Master Geek
+1 received by user: 28


  Reply # 979236 3-Feb-2014 10:02 Send private message

And finally the explanation as to why Telecom cant dump Yahoo
This would had to have been one of the more stupid decisions, management were getting paid how much ?
If customers loose the @xtra adress, many will have no good reason to stay with Telecom as their ISP


"....When Telecom outsourced Xtra to Yahoo in 2007, it handed over the rights to the Xtra internet domain to Yahoo.
That means that if it now dropped the service, it could not guarantee customers would be able to retain their existing email addresses"

http://www.stuff.co.nz/technology/digital-living/30013748/no-end-in-sight-for-xtra-agony

124 posts

Master Geek
+1 received by user: 22


  Reply # 979477 3-Feb-2014 15:52 One person supports this post Send private message

1101: And finally the explanation as to why Telecom cant dump Yahoo
This would had to have been one of the more stupid decisions, management were getting paid how much ?
If customers loose the @xtra adress, many will have no good reason to stay with Telecom as their ISP


"....When Telecom outsourced Xtra to Yahoo in 2007, it handed over the rights to the Xtra internet domain to Yahoo.
That means that if it now dropped the service, it could not guarantee customers would be able to retain their existing email addresses"

http://www.stuff.co.nz/technology/digital-living/30013748/no-end-in-sight-for-xtra-agony


First time I've heard Telecom Handed over the rights to the @xtra.co.nz domain as:


query_datetime: 2014-02-03T15:50:09+13:00
domain_name: xtra.co.nz
query_status: 200 Active
domain_dateregistered: 1997-03-06T00:00:00+13:00
domain_datebilleduntil: 2015-01-01T00:00:00+13:00
domain_datelastmodified: 2013-12-21T01:35:54+13:00
domain_delegaterequested: yes
domain_signed: no
%
registrar_name: Domainz Limited
registrar_address1: Private Bag 1810
registrar_city: Wellington
registrar_country: NZ (NEW ZEALAND)
registrar_phone: +64 4 473 4567
registrar_fax: +64 4 473 4569
registrar_email: @domainz.net.nz
%
registrant_contact_name: Telecom IP Limited
registrant_contact_address1: P O Box 949
registrant_contact_city: WELLINGTON
registrant_contact_country: NZ (NEW ZEALAND)
registrant_contact_phone: +64 44 738278
registrant_contact_fax: +64 44 723358
registrant_contact_email: @ajpark.com
%
admin_contact_name: A J Park
admin_contact_address1: P O Box 949
admin_contact_city: WELLINGTON
admin_contact_country: NZ (NEW ZEALAND)
admin_contact_phone: +64 44 738278
admin_contact_fax: +64 44 723358
admin_contact_email: @ajpark.com
%
technical_contact_name: Xtra Limited
technical_contact_address1: Private Bag 92028
technical_contact_address2: Auckland New Zealand
technical_contact_city: Auckland
technical_contact_country: NZ (NEW ZEALAND)
technical_contact_phone: +64 9 355 5200
technical_contact_email: @xtra.co.nz


I don't see yahoo in any of that, Fairfax 'reporters' being fairfax 'reporters'

BDFL
50173 posts

Uber Geek
+1 received by user: 4738

Administrator
Trusted
Geekzone
Subscriber

  Reply # 979491 3-Feb-2014 16:18 Send private message

I asked Telecom about this and got no reply.

I am not sure the journalist didn't get the meaning of "MX delegation" or just trolling.




440 posts

Ultimate Geek
+1 received by user: 51


  Reply # 979718 3-Feb-2014 20:59 2 people support this post Send private message

The cat seems to be out of the bag. Telecom are now teaching people how to delete spam.

The spammers can spoof the address' to their hearts content, and have the address books for all the compromised accounts, to keep making their messages look legit.

They (the spammers) don't need any more security breaches. As long as people keep their xtra email address' , and they have the same social contacts, we're all going to be fair game.

1604 posts

Uber Geek
+1 received by user: 228


  Reply # 979945 4-Feb-2014 10:07 Send private message

Jeez, telecom have really played fast and loose with their customer data.

I wonder why telecom tolerate such frequent hacks to their customer email accounts? It is getting to the point where I think telecom enjoys letting their customers be hacked.

I've largely moved away from using my telecom email now. It is just getting way too many hacks.


70 posts

Master Geek
+1 received by user: 12


  Reply # 980078 4-Feb-2014 13:03 Send private message

surfisup1000: Jeez, telecom have really played fast and loose with their customer data.

I wonder why telecom tolerate such frequent hacks to their customer email accounts? It is getting to the point where I think telecom enjoys letting their customers be hacked.

I've largely moved away from using my telecom email now. It is just getting way too many hacks.



The problem here is that Telecom no longer have any control over the Xtra brand.
Yahoo own the domain and rights to Xtra 100%. That happened back in 2011.

There's no way that those Xtra customers can leave Yahoo - and also keep their Xtra email addresses.
http://techday.com/telco-review/news/telecom-sells-yahooxtra-stake/19896/

BDFL
50173 posts

Uber Geek
+1 received by user: 4738

Administrator
Trusted
Geekzone
Subscriber

  Reply # 980095 4-Feb-2014 13:37 2 people support this post Send private message

So, in reality these are Yahoo! customers, not Telecom New Zealand's customers.

Dump the service entirely then, and let Yahoo! deal with it ;)






124 posts

Master Geek
+1 received by user: 22


  Reply # 980103 4-Feb-2014 13:45 Send private message

thegeekboy:
surfisup1000: Jeez, telecom have really played fast and loose with their customer data.

I wonder why telecom tolerate such frequent hacks to their customer email accounts? It is getting to the point where I think telecom enjoys letting their customers be hacked.

I've largely moved away from using my telecom email now. It is just getting way too many hacks.



The problem here is that Telecom no longer have any control over the Xtra brand.
Yahoo own the domain and rights to Xtra 100%. That happened back in 2011.

There's no way that those Xtra customers can leave Yahoo - and also keep their Xtra email addresses.
http://techday.com/telco-review/news/telecom-sells-yahooxtra-stake/19896/


Yahoo!Xtra was just the Yahoo.co.nz homepage, it was similar to the Xtra MSN from earlier on they used to have and is similar to the the old BT/Yahoo relationship that used to exsist, Telecom still is the registra holder of @xtra.co.nz.

There is nothing that says Telecom has ever sold on the @xtra.co.nz Domain I'm yet to see one piece of evidence that supports this suppsoed 'fact'

res

8 posts

Wannabe Geek
+1 received by user: 3


  Reply # 980510 5-Feb-2014 09:06 3 people support this post Send private message

I see Chris Quin was on the radio misleading people yesterday:

 - Telecom is doing all it can??? Has it sacked Yahoo like BT?  Or if it really has lost control which does not appear to be the case, has it disowned  Yahoo and Xtra email, telling us what the commercial relationship with Yahoo is?

 - "Mr Quin said the Yahoo/Xtra system is as well protected as any of the major services" (off RadioNZ web site)???  Really?  So Googlemail , Hotmail/Outlook etc are all making headlines for the same reasons?

Front up Telecom, take some ownership.  Do something.

Of the few PC's/Users I look after, one Xtra account did get locked (this account had a 9 character password, a brute force attack seems unlikely) - but no plain Yahoo accounts were affected.  Curiously plain Yahoo accounts have access to a login history page, though the link is hard to find, but Yahoo-Xtra accounts don't have this.  I discovered though that the link does work if cut and pasted from a plain Yahoo session to an Xtra session.  My logins to this not regularly used Xtra account were there, all showing access from "Browser" in NZ.  But there at the bottom, a successful login from the Ukraine marked not "Browser" but "Yahoo Partner Access"!!

My guess would be that Yahoo do not even use second level authentication on "partner" access.  But we'll never know for sure I guess.  We'll just know that they are hopelessly insecure however they achieve it!



1150 posts

Uber Geek
+1 received by user: 76


  Reply # 980546 5-Feb-2014 10:22 Send private message

Lazarui:
thegeekboy:
surfisup1000: Jeez, telecom have really played fast and loose with their customer data.

I wonder why telecom tolerate such frequent hacks to their customer email accounts? It is getting to the point where I think telecom enjoys letting their customers be hacked.

I've largely moved away from using my telecom email now. It is just getting way too many hacks.



The problem here is that Telecom no longer have any control over the Xtra brand.
Yahoo own the domain and rights to Xtra 100%. That happened back in 2011.

There's no way that those Xtra customers can leave Yahoo - and also keep their Xtra email addresses.
http://techday.com/telco-review/news/telecom-sells-yahooxtra-stake/19896/


Yahoo!Xtra was just the Yahoo.co.nz homepage, it was similar to the Xtra MSN from earlier on they used to have and is similar to the the old BT/Yahoo relationship that used to exsist, Telecom still is the registra holder of @xtra.co.nz.

There is nothing that says Telecom has ever sold on the @xtra.co.nz Domain I'm yet to see one piece of evidence that supports this suppsoed 'fact'


did you even read the link provided by the poster, did you read the bit that said Telecom divested itself of it's 49% stake in yahoo/xtra so now yahoo own it 100% of it

Telecom NZ may still own the xtra.co.nz domain name but yahoo owns the email services side of it and good luck in getting them to release user data back to telecom




Asus Crosshair V Formula AMD FX8320, 8GB Corsair Vengence LP, 2X Sapphire Radeon HD7850 2GB 1000/1300, 1x WesternDigital WD2500AAJS 7200rpm 8MB cache SATAII , 1x Samsung spinpoin F1 HD502IJ 1x storage mode, 2x Samsung Spinpoint F1 HD502IJ RAID0 Boot, 1x Pioneer DVR212s 18x DVDRW, SilverStone ST75F-P (750W) Full Modular PSU, OS WIN7 x64 ultimate SP1 (7601), SilverStone RaVeN RV02B-W (with USB3.0 upgrade)

42 posts

Geek
+1 received by user: 18


  Reply # 980547 5-Feb-2014 10:31 Send private message

res: I see Chris Quin was on the radio misleading people yesterday:

Good post res. I heard the Quin interview and assumed he was just a Telecom spin doctor with minimal technical knowledge whose job was to appease the Xtra masses. He used phrases like, 'We have to remember that there's been an increase in this sort of activity all around the world' to imply that Xtra hasn't been singled out. I'm surprised that none of the tech journalists have got a grip on this story yet and most media seem happy to accept the Telecom line that Xtra users should just 'delete spam emails'.

Yahoo's service is obviously badly compromised. Telecom's refusal to implement SPF makes the spammers' job so much easier.




1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11
View this topic in a long page with up to 500 replies per page Create new topic




Twitter »
Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





Trending now »

Hot discussions in our forums right now:

Netflix officialy launching in NZ in March
Created by jarj, last reply by tdgeek on 21-Nov-2014 19:08 (97 replies)
Pages... 5 6 7


Gull Employment Dispute.
Created by networkn, last reply by richms on 23-Nov-2014 23:05 (71 replies)
Pages... 3 4 5


Which one is right for me? M8, Z3, S5 or other?
Created by makiomoto, last reply by makiomoto on 20-Nov-2014 13:52 (40 replies)
Pages... 2 3


Click Monday Deals
Created by mrtoken, last reply by mrtoken on 24-Nov-2014 08:57 (17 replies)
Pages... 2


Free 1gb data with $19 combo until end of Jan 2015 (1.5gb total)
Created by eXDee, last reply by Shoes2468 on 23-Nov-2014 23:01 (16 replies)
Pages... 2


Slingshot line speed
Created by Frankiej45, last reply by Frankiej45 on 20-Nov-2014 14:38 (14 replies)

Little Wins labour Leadership
Created by MikeAqua, last reply by Aredwood on 21-Nov-2014 18:47 (53 replies)
Pages... 2 3 4


My connection is too fast
Created by ckc, last reply by Geektastic on 20-Nov-2014 11:30 (25 replies)
Pages... 2



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.