Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Petraeus Fallout: 5 Gmail Security Facts
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
pegifoku
pegifoku,
User Rank: Apprentice
2/10/2016 | 11:41:27 PM
thanks
Thanks for showing me some revealing facts
citukuho
citukuho,
User Rank: Apprentice
2/10/2016 | 1:40:59 AM
Thanks
thanks for info
ANON1243361309294
ANON1243361309294,
User Rank: Apprentice
11/20/2012 | 3:26:31 PM
re: Petraeus Fallout: 5 Gmail Security Facts
was curious about that too, thanks for answering Mathew.
majenkins
majenkins,
User Rank: Apprentice
11/19/2012 | 4:15:41 PM
re: Petraeus Fallout: 5 Gmail Security Facts
"Want to avoid a fall from grace? Then ensure you're not the chief of a spy agency who coordinates your extramarital affairs using a free webmail service."

How about don't have an affair in the first place!!! If you are disciplined enough to remember to hide your activities well then how about being disciplined enough remain faithful to your spouse then there is nothing to hide.
ANewNickname
ANewNickname,
User Rank: Apprentice
11/16/2012 | 11:39:34 AM
re: Petraeus Fallout: 5 Gmail Security Facts
Maybe he's an Edgar Allan Poe fan.
FT1
FT1,
User Rank: Apprentice
11/16/2012 | 4:18:46 AM
re: Petraeus Fallout: 5 Gmail Security Facts
The director of the CIA doesn't know about Email encryption like PGP or ofshore VPN and email services like Unspyable. I worry about the jokers running governments these days, top down.
AustinIT
AustinIT,
User Rank: Apprentice
11/15/2012 | 3:45:29 PM
re: Petraeus Fallout: 5 Gmail Security Facts
Seems they would have been better off using disposable cell phones to communicate. Hard to believe our top dog would use Google services... for an affair no less. Sheesh.
macker490
macker490,
User Rank: Ninja
11/15/2012 | 12:18:55 PM
re: Petraeus Fallout: 5 Gmail Security Facts
learn to use GnuPG/ENIGMAIL or its equivalent Outlook/PGP

short of that just agree to a password -- preferably in a private meeting -- and then use WinZIP: Edit your message any way you like. Then ZIP it using the agreed password and send it as an attachment. Be sure to check the scrub original option. AES128 is sufficient but you can use AES256 if you like.

once you have done this your remaining concerns are: (1) you must be sure of the physical security of you endpoint computers.... and (this is the tough one) (2) you must be sure you do not have any un-authorized programming -- virus -- in your computer. If you do: your computer is an open book. I recommend starting by switching computers handling sensitive information to Linux/Ubuntu. Use a separate user logon for all sensitive activity.

this will not cover up any traffic analysis that may be employed. who you talk to can be discovered.
PhilAnderer
PhilAnderer,
User Rank: Apprentice
11/14/2012 | 8:50:57 PM
re: Petraeus Fallout: 5 Gmail Security Facts
One would have thought that 2 top ranking military men would have been better at hiding their extra-marital manoeuvres and had the good sense to not cheat so close to home, especially when it is so easy to meet strangers on websites such as Undercover Lovers and Ashley Madison nowadays.
indiffer3nce
indiffer3nce,
User Rank: Apprentice
11/14/2012 | 6:00:15 PM
re: Petraeus Fallout: 5 Gmail Security Facts
any chance you can provide ANY actual empirical data to backup your statement "Free Email Services Aren't Secure"...its quite a nice FUD statement and lacks almost any truth.
Page 1 / 2   >   >>


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-42306
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can send a crafted packet to pbx_exchange during registration and cause a NULL pointer exception, effectively crashing the pbx_exchange process.
CVE-2022-42307
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to an XML External Entity (XXE) Injection attack through the DiscoveryService service.
CVE-2022-42308
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 8.2 and related Veritas products. An attacker with local access can delete arbitrary files by leveraging a path traversal in the pbx_exchange registration code.
CVE-2022-42303
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a second-order SQL Injection attack affecting the NBFSMCLIENT service by leveraging CVE-2022-42302.
CVE-2022-42304
PUBLISHED: 2022-10-03
An issue was discovered in Veritas NetBackup through 10.0 and related Veritas products. The NetBackup Primary server is vulnerable to a SQL Injection attack affecting idm, nbars, and SLP manager code.